Category:   Device (VoIP/Phone/FAX)  >   Cisco IP Phones
Vendors:   Cisco
Cisco Unified IP Phone Extension Mobility Feature Lets Remote Authenticated Users Eavesdrop
SecurityTracker Alert ID:  1019006
SecurityTracker URL:
CVE Reference:   CVE-2007-6190
Updated:  Dec 7 2007
Original Entry Date:  Nov 28 2007
Impact:   Disclosure of user information
Vendor Confirmed:  Yes
Exploit Included:  Yes

Description:   A vulnerability was reported in Cisco Unified IP Phone. A remote user can eavesdrop on arbitrary phones in certain cases.

A remote user with valid Extension Mobility authentication credentials can cause a target phone that is configured to use Extension Mobility to transmit or receive an audio stream.

The internal web server of the target phone must be enabled (the default configuration).

The remote user must first obtain Extension Mobility authentication credentials by monitoring the network between a phone and the switch port during login, as the credentials are sent without encryption.

Phones that are being remotely monitored will have the speaker phone status light on and will display the off-hook icon.

Joffrey Czarny of Telindus reported this vulnerability at HACK.LU 2007.

The original advisory is available at:

Impact:   A remote user with certain authentication credentials can eavesdrop on arbitrary phones.
Solution:   No solution was available at the time of this entry.

Cisco has described a workaround in their advisory.

The Cisco advisory is available at:

Vendor URL:
Cause:   Access control error

Message History:   None.
