QwikSec

Security Database

CVE

CWE

Training

CVE-2005-0506

Published: Feb 22, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20050222 Avaya IP Office Phone Manager - Sensitive Information Cleartext

mailing-list

x_refsource_BUGTRAQ

20050222 Re: Avaya IP Office Phone Manager - Sensitive Information Cleartext Vulnerability

mailing-list

x_refsource_BUGTRAQ

http://support.avaya.com/elmodocs2/security/ASA-2005-041_Sensitive_Info_Leak.pdf

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.