Notified: May 28, 2003 Updated: May 30, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 28, 2003 Updated: May 30, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: January 31, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 28, 2003 Updated: May 30, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 28, 2003 Updated: June 24, 2003
Not Affected
Avaya voicemail systems are not vulnerable to attacks that use caller ID information to authenticate administrative access to voice mailboxes.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 28, 2003 Updated: May 30, 2003
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 28, 2003 Updated: June 02, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 28, 2003 Updated: June 02, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 28, 2003 Updated: May 30, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 27, 2003 Updated: August 07, 2003
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: July 30, 2003 Updated: August 08, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: June 05, 2003 Updated: July 02, 2003
Not Affected
Mediatrix Telecom, inc does not provide voice mail system, and is therefore not affected by this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: January 31, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 29, 2003 Updated: May 30, 2003
Not Affected
Not vulnerable. A PIN is always required for administrative voicemail access and configuration. The default configuration requires a PIN for user mailbox access.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 28, 2003 Updated: May 30, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: January 31, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 28, 2003 Updated: May 30, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 28, 2003 Updated: July 15, 2003
Affected
Nortel Networks CallPilot and Meridian Mail voicemail systems do not generally authenticate by Caller ID but require a mailbox number + password to authenticate access to the mailbox. For additional security, users are forced to change the default password assigned to a newly created mailbox, the first time they logon. The only exception is where the auto logon feature is specifically configured by the administrator for a mailbox, in which case a user at the given Directory Number can access the corresponding mailbox without entering the mailbox number + password. Nortel Networks voicemail systems do not hard code or default to this behavior.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 28, 2003 Updated: June 05, 2003
Not Affected
Pingtel's voicemail product does not presently allow administrative access via a TUI (telephony user interface) to individual voicemail accounts.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: January 31, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: July 30, 2003 Updated: August 08, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: January 31, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: July 30, 2003 Updated: August 08, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 28, 2003 Updated: June 23, 2003
Not Affected
Shoreline's Voice System does not use Caller ID for authentication to Voice Mail.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: June 02, 2003 Updated: June 04, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: January 31, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 28, 2003 Updated: May 30, 2003
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: January 31, 2007
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 30, 2003 Updated: May 30, 2003
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.