CVE-2005-4794
First published: Sat Dec 31 2005(Updated: )
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Application and Content Networking Software | ||
| Cisco ATA | =186 | |
| Cisco ATA | =188 | |
| Cisco Subscriber Edge Services Manager | ||
| Cisco IP Phone 7902 | ||
| Cisco IP Phone 7905 | ||
| Cisco IP Phone 7912 | ||
| Cisco Unity Express Software |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en
- http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
- http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
- http://www.securityfocus.com/bid/13729
- http://securitytracker.com/id?1014043
- http://securitytracker.com/id?1014044
- http://securitytracker.com/id?1014045
- http://securitytracker.com/id?1014046
- http://securitytracker.com/id?1015975
- http://secunia.com/advisories/15472
- http://www.osvdb.org/19003
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20712
Frequently Asked Questions
What is the severity of CVE-2005-4794?
The severity of CVE-2005-4794 is categorized as high due to its potential to cause denial of service.
How do I fix CVE-2005-4794?
To fix CVE-2005-4794, it is recommended to apply the latest patches and updates provided by Cisco for the affected devices.
Which Cisco devices are vulnerable to CVE-2005-4794?
CVE-2005-4794 affects Cisco IP Phones 7902, 7905, 7912, ATA 186, ATA 188, Unity Express, and Subscriber Edge Services Manager.
What type of attack does CVE-2005-4794 involve?
CVE-2005-4794 involves a remote denial of service attack that can crash or destabilize devices through malformed DNS packets.
Is there a known exploit for CVE-2005-4794?
Yes, there are known exploits that can be utilized to execute the denial of service attack associated with CVE-2005-4794.
- agent/type
- agent/references
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/severity
- agent/event
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/cisco
- canonical/cisco application and content networking software
- canonical/cisco ata
- version/cisco ata/186
- version/cisco ata/188
- canonical/cisco subscriber edge services manager
- canonical/cisco ip phone 7902
- canonical/cisco ip phone 7905
- canonical/cisco ip phone 7912
- canonical/cisco unity express software