← back
CVE-2005-0506

CVE-2005-0506

EPSS 2.8%
The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/839unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=110909733831694&w=2http://marc.info/?l=bugtraq&m=110910486128709&w=2http://support.avaya.com/elmodocs2/security/ASA-2005-041_Sensitive_Info_Leak.pdf