[cisco-voip] Cisco Security Advisory: Cisco Unified IPConference Station and IP Phone Vulnerabilities
Lelio Fulgenzi
lelio at uoguelph.ca
Thu Feb 22 12:05:23 EST 2007
I heard it's userid:chambers password:iphone
--------------------------------------------------------------------------------
Lelio Fulgenzi, B.A.
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...there's no such thing as a bad timbit...
----- Original Message -----
From: Jason Aarons (US)
To: cisco.voip ; cisco-voip at puck.nether.net
Sent: Thursday, February 22, 2007 12:01 PM
Subject: Re: [cisco-voip] Cisco Security Advisory: Cisco Unified IPConference Station and IP Phone Vulnerabilities
I hope they wouldn't publicly publish it, nor would someone post it
here!
-----Original Message-----
From: cisco-voip-bounces at puck.nether.net
[mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of cisco.voip
Sent: Thursday, February 22, 2007 11:59 AM
To: cisco-voip at puck.nether.net
Subject: [cisco-voip] Cisco Security Advisory: Cisco Unified IP
Conference Station and IP Phone Vulnerabilities
Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G and 7971G
devices contain a hard coded default user account with a default
password which is remotely accessible via a Secure Shell (SSH) server
enabled on the phone. This default user account may be leveraged to
gain administrative access to a vulnerable phone via a privilege
escalation vulnerability.
Does anyone know the default user account info?
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
-----------------------------------------
Disclaimer:
This e-mail communication and any attachments may contain
confidential and privileged information and is for use by the
designated addressee(s) named above only. If you are not the
intended addressee, you are hereby notified that you have received
this communication in error and that any use or reproduction of
this email or its contents is strictly prohibited and may be
unlawful. If you have received this communication in error, please
notify us immediately by replying to this message and deleting it
from your computer. Thank you.
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20070222/6b242751/attachment.html
More information about the cisco-voip
mailing list