Cisco ATA-186 Password Circumvention / Recovery

This script is Copyright (C) 2002-2013 Tenable Network Security, Inc.


Synopsis :

The remote telephone adapter has a security bypass vulnerability.

Description :

The remote host appears to be a Cisco ATA-186 - an analog telephone
adapter used to interface analog telephones to VoIP networks.

The adapter is configured via a web interface that has a security
bypass vulnerability. It is possible to bypass authentication by
sending an HTTP POST request with a single byte, which could allow
a remote attacker to take control of the device.

See also :

http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html
http://www.nessus.org/u?7812ad0c

Solution :

Apply the patch referenced in the vendor's advisory.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 11012 (cisco_ata186_password_circumvent.nasl)

Bugtraq ID: 4711
4712

CVE ID: CVE-2002-0769