CVE-2007-5361
CVE-2007-5361 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:N/A:C
The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service (loss of audio) or intercept voice communications via a crafted TFTP request containing the phone's MAC address in the filename.
Learn more about our Cis Benchmark Audit For Server Software.