CVE-2006-5233

Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware version 1.4.1.0040, allows remote attackers to cause a denial of service (reboot) via (1) a long URL sent to the HTTP daemon and (2) unspecified manipulations as demonstrated by the Nessus http_fingerprinting_hmap.nasl script.

Score7.8
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactNONE
Integrity ImpactNONE
Availability ImpactCOMPLETE
Published2006-10-10 09:07:00.000-04
Last Modified2017-07-19 09:33:37.000-04

Vulnerable Software List

VendorProductVersions
Polycom Soundpoint Ip 301 1.4.1.0040

References

SourceLink
FULLDISC20061004 (0-Day) PolyCom IP-301 VoIP Desktop Phone HTTP server DoS and undocumented TCP port 42
BID20351
XFsoundpoint-ip301-long-url-dos(29350)