Vulnerability Description
The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify that a SIP INVITE message originated from a legitimate server, which allows remote attackers to send spoofed INVITE messages, as demonstrated by a flood of messages triggering a denial of service, and by phone calls with malicious content.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vonage | Motorola Phone Adapter Vt2142-Vd | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/38524
- http://osvdb.org/38525
- http://secunia.com/advisories/27380Vendor Advisory
- http://www.securityfocus.com/bid/26129
- http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=357
- http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=360
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37416
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37420
- http://osvdb.org/38524
- http://osvdb.org/38525
- http://secunia.com/advisories/27380Vendor Advisory
- http://www.securityfocus.com/bid/26129
- http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=357
- http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=360
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37416
FAQ
What is CVE-2007-5791?
CVE-2007-5791 is a vulnerability with a CVSS score of 10.0 (HIGH). The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify that a SIP INVITE message originated from a legitimate server, which allows remote attackers to send spoofed INVITE messages, as d...
How severe is CVE-2007-5791?
CVE-2007-5791 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5791?
Check the references section above for vendor advisories and patch information. Affected products include: Vonage Motorola Phone Adapter Vt2142-Vd.