[cisco-voip] Cisco 7900 series phone Nessus scan
When performing a Nessus scan on a 7970 Cisco phone running SCCP70.9-3-1SR4-1S code (the latest I can find), it reports the following medium vulnerability:

RomPager HTTP Referer Header XSS

Description
The remote RomPager HTTP server is affected by a cross-site scripting vulnerability. The server does not properly sanitize the referer header value when generating a 404 error page.

Solution
Upgrade to RomPager 4.51 or later.

See Also
http://www.nessus.org/u?54798697

I also receive this same vulnerability when scanning a 7961 and a 9951 phone. I've done some googling and don't find anything relevant to locking this down on a Cisco phone.

Any suggestions?

Thanks,
Go0se

--
Help Hopegivers International feed the orphans of Haiti and India
http://www.hopegivers.org

___
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
Re: [cisco-voip] Cisco 7900 series phone Nessus scan
You could just disable web access :)

On Wed, May 21, 2014 at 5:05 PM, m...@go0se.com wrote:
Re: [cisco-voip] Cisco 7900 series phone Nessus scan
Were you able to successfully inject the Referer per the nessus.org database article using nmap? The list of affected devices didn’t list any Cisco products, but test anyway.

http://antoniovazquezblanco.github.io/docs/advisories/Advisory_RomPagerXSS.pdf

I always worry about generic nessus scans. You really have to know what you’re doing, and my experience is that the person doing a Nessus scan really isn’t a security guru and won’t fact check what Nessus reports.

From: cisco-voip [mailto:cisco-voip-boun...@puck.nether.net] On Behalf Of m...@go0se.com
Sent: Wednesday, May 21, 2014 5:06 PM
To: cisco-voip@puck.nether.net
Subject: [cisco-voip] Cisco 7900 series phone Nessus scan
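As an added example (not from any of the posters or from Cisco), here is a small Python check for the fact-checking step suggested above: it requests a random non-existent path on a phone with a harmless marker in the Referer header and reports whether the 404 body echoes the marker verbatim, HTML-escaped, or not at all. The marker format, function names and the assumption that the phone's web server listens on port 80 are my own.

```python
"""Fact-check a scanner's "Referer reflected in 404 page" finding.

Sends one request for a path that cannot exist, with a Referer carrying a
harmless marker, and classifies how (or whether) the marker comes back in
the 404 body. Only classify() is exercised offline; probe() needs a phone.
"""
import http.client
import secrets
import sys


def make_marker() -> str:
    # One '<' lets an HTML-escaping server be told apart from one that copies
    # the header verbatim. ".invalid" is a reserved TLD, so the value never
    # points at a real site. (Constructed marker, not a scanner payload.)
    return f"http://refchk-{secrets.token_hex(4)}.invalid/<refchk>"


def classify(body: str, marker: str) -> str:
    """Return 'reflected-unescaped', 'reflected-escaped' or 'not-reflected'."""
    if marker in body:
        return "reflected-unescaped"   # header copied verbatim: the finding stands
    escaped = marker.replace("<", "&lt;").replace(">", "&gt;")
    if escaped in body:
        return "reflected-escaped"     # echoed but encoded: not an XSS as reported
    return "not-reflected"             # scanner result is likely a false positive


def probe(host: str, port: int = 80, timeout: float = 5.0) -> str:
    """Request a non-existent page on one phone and classify its 404 body."""
    marker = make_marker()
    path = f"/refchk-{secrets.token_hex(4)}"   # random, so it cannot exist
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path, headers={"Referer": marker})
        resp = conn.getresponse()
        body = resp.read().decode("utf-8", errors="replace")
    finally:
        conn.close()
    return f"{host}: HTTP {resp.status}, marker {classify(body, marker)}"


if __name__ == "__main__":
    # Usage: python refchk.py <phone-ip> [<phone-ip> ...]
    for phone in sys.argv[1:]:
        try:
            print(probe(phone))
        except OSError as exc:   # refused/timeout usually means web access is off
            print(f"{phone}: no HTTP response ({exc})")
```

A phone whose web access has been disabled in CUCM should show up as "no HTTP response", which is also the quickest way to confirm the mitigation in the first reply.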