PT-2006-1445 · Advantage Century Telecommunication · Act P202S Ip Phone
Published: 2006-01-22 · Updated: 2017-07-20 · CVE-2006-0374
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Advantage Century Telecommunication (ACT) P202S IP Phone version 1.01.21
Description
The issue concerns the presence of undocumented ports that could allow remote attackers to access sensitive information, reflect network data, or gain unauthorized access. Specifically, the VxWorks WDB remote debugging ONCRPC (wdbrpc) on UDP 17185 might allow attackers to obtain sensitive data, such as memory contents and internal operating-system data. Additionally, the echo service on TCP 7 could be used to reflect network data, and the rlogin service on TCP 513 might permit access without authentication.
Recommendations
For Advantage Century Telecommunication (ACT) P202S IP Phone version 1.01.21, consider disabling the undocumented ports, specifically the VxWorks WDB remote debugging ONCRPC on UDP 17185, the echo service on TCP 7, and the rlogin service on TCP 513, to prevent potential exploitation until a patch or official fix is available.
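Until the services are disabled, traffic reaching them can be picked out of network flow records. The following Python example is added here and is not part of the advisory or any vendor material; the record format, the phone subnet 192.0.2.0/28 and every sample record are constructed assumptions.

```python
import ipaddress

# Services the advisory lists as exposed on the phone: (protocol, port) -> label
EXPOSED = {
    ("udp", 17185): "VxWorks WDB debug RPC (wdbrpc)",
    ("tcp", 7): "echo",
    ("tcp", 513): "rlogin",
}

# Assumption: the phones sit in this subnet (documentation range, constructed).
PHONE_NET = ipaddress.ip_network("192.0.2.0/28")

# Constructed sample records in a hypothetical format: "timestamp proto src dst dport"
SAMPLE_FLOWS = """\
2006-01-22T10:00:01Z udp 198.51.100.7 192.0.2.5 17185
2006-01-22T10:00:02Z udp 192.0.2.5 198.51.100.20 5060
2006-01-22T10:00:03Z tcp 198.51.100.7 192.0.2.5 513
2006-01-22T10:00:04Z tcp 198.51.100.9 192.0.2.6 7
2006-01-22T10:00:05Z tcp 198.51.100.9 203.0.113.4 513
2006-01-22T10:00:06Z udp 198.51.100.9 192.0.2.6 7
malformed line
"""

def find_exposed_service_flows(text, phone_net=PHONE_NET):
    """Return (timestamp, src, dst, service) for flows reaching a phone on a listed port."""
    hits = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip blank or malformed records
        ts, proto, src, dst, dport = parts
        try:
            key = (proto.lower(), int(dport))
            dst_ip = ipaddress.ip_address(dst)
        except ValueError:
            continue  # non-numeric port or unparsable address
        service = EXPOSED.get(key)
        # Protocol and port must both match: UDP 7 is not the TCP echo service.
        if service and dst_ip in phone_net:
            hits.append((ts, src, dst, service))
    return hits

if __name__ == "__main__":
    for ts, src, dst, service in find_exposed_service_flows(SAMPLE_FLOWS):
        print(f"{ts} {src} -> {dst}: {service}")
```
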
Weakness Enumeration
Improper Authentication
Affected Products
Act P202S Ip Phone
Vxworks