Summary
We have discovered that 3Com NBX VOIP NetSet is running on the remote host. 3Com NBX VoIP NetSet's web server is powered by VxWorks.
The web server is known to contain vulnerabilities that would allow a remote attacker to cause a denial of service against the product by simply running a port scanning/vulnerability scanning engine against it.
Problems have been observed in Netset 4.2.7, bur previous 4.1 versions seem to be ok.
See Also : http://www.secnap.com/security/20040420.html
Severity
Classification
-
CVE CVE-2004-1977 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apache Rave User Information Disclosure Vulnerability
- Apache Tomcat Information Disclosure Vulnerability
- 12Planet Chat Server one2planet.infolet.InfoServlet XSS
- Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
- AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities