Cisco IP Phone 8800 Series Web Application Buffer Overflow Vulnerability
A vulnerability in the Cisco IP 8800 Series Phone web application could allow an unauthenticated, remote attacker to cause the web server process to become unavailable, resulting in a denial of service (DoS) condition.The vulnerability exists because the affected software fails to check the bounds of input data. An attacker could exploit this vulnerability by sending a malicious request to the web server, which could cause the service to crash. A successful exploit could allow the attacker to trigger a buffer overflow and create a DoS condition on the targeted system.
Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.
This advisory is available at the following link: http://ift.tt/1TXCVaN
A vulnerability in the Cisco IP 8800 Series Phone web application could allow an unauthenticated, remote attacker to cause the web server process to become unavailable, resulting in a denial of service (DoS) condition.The vulnerability exists because the affected software fails to check the bounds of input data. An attacker could exploit this vulnerability by sending a malicious request to the web server, which could cause the service to crash. A successful exploit could allow the attacker to trigger a buffer overflow and create a DoS condition on the targeted system.
Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.
This advisory is available at the following link: http://ift.tt/1TXCVaN
Security Impact Rating: Medium
CVE: CVE-2016-1421
from Cisco Security Advisory http://ift.tt/1TXCVaN