This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote IP telephony device is missing a vendor-supplied patch.
According to its self-reported version, the version of the Cisco
Unified IP Phone software running on the remote device does not properly
process SIP headers. By sending a specially crafted SIP header to the
device, a remote attacker may be able to cause the phone to unregister,
resulting in a denial of service condition.
See also :
Apply the relevant update referenced in Cisco Security Notice.
Risk factor :
Medium / CVSS Base Score : 5.4
CVSS Temporal Score : 4.7
Public Exploit Available : true
Nessus Plugin ID: 72725 ()
Bugtraq ID: 64770
CVE ID: CVE-2014-0658
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.