Avaya PSN004154u - 96x1 and B189 Endpoint Command Injection, Memory Modification User's Manual
Product Support Notice
© 2015 Avaya Inc. All Rights Reserved.
PSN # PSN004154u
Original publication date: 27-Feb-14. This is Issue #03, published date: 3-Mar-14.
Severity/risk level
Medium
Urgency
when convenient
Name of problem
Avaya 96x1 and B189 Endpoint Command Injection, Memory Modification and Code Execution Vulnerabilities
Products affected
Avaya IP Endpoints affected:

| Product | Affected Version(s) | Risk Level | Actions |
|---|---|---|---|
| Avaya 9601/9608/9608G/9611G/9621G/9641G IP Deskphones | 6.3.1.21 and earlier SIP software | Medium | Upgrade to 6.3.1.22 (May 15th, 2014) GA or newer, available on the Avaya Support website. |
| Avaya 9608/9608G/9611G/9621G/9641G IP Deskphones | 6.3.1.51 and earlier H.323 software | Medium | Upgrade to 6.4.0.14 (June 2, 2014) GA or newer, available on the Avaya Support website. |
| Avaya B189 IP Conference Phone | 1.0.0.22 and earlier H.323 software | Medium | Upgrade to 1.0.1.08 (June 8, 2014) GA or newer, available on the Avaya Support website. |
Problem description
1. Overview:
Avaya's IP endpoints retrieve an upgrade and settings file from an HTTP server during boot-up. The HTTP server IP address is configured in the endpoint either via DHCP or manually, by entering a special key sequence with a password on the keypad. Modifying the upgrade and settings files requires user access and permissions on the HTTP server. The software on the IP endpoints that parses the contents of these files is executed only while the files are being read.
A vulnerability exists in this parsing software that could potentially allow arbitrary shell commands to be executed as root, allowing arbitrary changes to the kernel and all applications on the phone.
A second vulnerability exists in the parsing software for endpoints using SIP signaling. This vulnerability could potentially cause a buffer overflow on the stack, allowing arbitrary changes to memory and execution of arbitrary code as root.
Resolution
See table in the “Products Affected” section of this PSN.
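An inventory check built from the "Products affected" table, as an added example that is not part of Avaya's notice: it compares firmware versions field by field as numbers (so 6.3.1.9 sorts before 6.3.1.21) and reports builds that fall between the last affected and the first fixed version as not described by the notice. The inventory rows, function names and status labels are constructed for illustration.

```python
# Added example: thresholds are copied from the "Products affected" table.
# (family, signaling) -> (last affected version, first fixed version)
ADVISORY = {
    ("96x1", "SIP"):   ("6.3.1.21", "6.3.1.22"),
    ("96x1", "H.323"): ("6.3.1.51", "6.4.0.14"),
    ("B189", "H.323"): ("1.0.0.22", "1.0.1.08"),
}
MODELS_96X1 = {"9601", "9608", "9608G", "9611G", "9621G", "9641G"}


def parse_version(text):
    """Turn '6.3.1.9' into (6, 3, 1, 9) so each field compares numerically."""
    return tuple(int(part) for part in text.strip().split("."))


def triage(model, signaling, firmware):
    """Return 'affected', 'fixed', 'unlisted' or 'not-covered' for one phone."""
    family = "96x1" if model in MODELS_96X1 else model
    # The table lists the 9601 only under SIP software.
    if (family, signaling) not in ADVISORY or (model == "9601" and signaling != "SIP"):
        return "not-covered"
    last_affected, first_fixed = (parse_version(v) for v in ADVISORY[(family, signaling)])
    version = parse_version(firmware)
    if version <= last_affected:
        return "affected"
    if version >= first_fixed:
        return "fixed"
    # Builds between the two thresholds are not described by the notice.
    return "unlisted"


# Constructed sample inventory (model, signaling, firmware); not real devices.
INVENTORY = [
    ("9608", "SIP", "6.3.1.9"),
    ("9641G", "SIP", "6.3.1.22"),
    ("9611G", "H.323", "6.3.1.60"),
    ("B189", "H.323", "1.0.0.22"),
    ("9601", "H.323", "6.3.1.10"),
]


def report(inventory=INVENTORY):
    """Attach a triage status to every inventory row."""
    return [(m, s, f, triage(m, s, f)) for m, s, f in inventory]


if __name__ == "__main__":
    for row in report():
        print("%-6s %-6s %-10s %s" % row)
```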
Workaround or alternative remediation
n/a
Remarks
Patch Notes
The information in this section concerns the patch, if any, recommended in the Resolution above.
Backup before applying the patch
n/a
Download
n/a