GEN:SID 1:1814
Message WEB-MISC CISCO VoIP DOS ATTEMPT
Summary This event is generated when an attempt is made to exploit a flaw on a
Cisco VoIP telephone.
Impact Denial of Service.
Detailed Information Certain versions of Cisco's VoIP phones are vulnerable to an attack that
can cause them to reboot when they recieve an http request such as
http://ciscophoneip/StreamingStatistics?<value> where <value> is an
integer value of arbitrary high value, typically a number greater than
32768.
Affected Systems Cisco VoIP Phones 7910, 7940, and 7960
      (software version 3.0 to 3.2)
Attack Scenarios A remote user can send the exploit url to the phone, causing the phone
to reboot and disallowingthe user to place or recieve calls for up to 30
seconds.
Ease of Attack Simple.
Corrective Action Apply the appropriate vendor supplied patches.
Additional References Bugtraq:
http://www.securityfocus.com/bid/4794
Rule References bugtraq: 4794
cve: 2002-0882
nessus: 11013