Update Cisco 7940 Firmware
This reference map lists the various references for CISCO and provides the associated CVE entries or candidates. It uses data from CVE version 20061101 and candidates. This article explains how to reset your Cisco 7940, 7941, 7942, 7960, 7961, 7962 7920 IP phone to factory defaults, and how to upgrade its firmware to the latest. Free Cisco IP Phone firmware download section. We offer free SCCP SIP firmware for all Cisco IP Phones Cisco ATA devices 6901, 6911, 6921, 6945, 7902, 7905, 7906. Cisco 79407960 IP phones can support either the Skinny Call Control Protocol SCCP to run with Cisco CallManager, the Session Initiation Protocol SIP refer to. KRIfS-AY/hqdefault.jpg' alt='Update Cisco 7940 Firmware' title='Update Cisco 7940 Firmware' />CVE Reference Map for Source CISCO. This reference map lists the various references for CISCO and. CVE entries or candidates. It uses data from. CVE version 2. 00. Note that the list of references may not be complete. CISCO Cisco. Secure Access Control Server for UNIX Remote Administration Vulnerability. CVE 1. 99. 9 0. CISCO 1. Established Keyword May Allow Packets to Bypass Filter. CVE 1. 99. 9 0. CISCO 1. Vulnerabilities in Cisco CHAP Authentication. CVE 1. 99. 9 0. CISCO 1. Cisco Web Cache Control Protocol Router Vulnerability. CVE 1. 99. 9 1. CISCO 1. PIX Private Link Key Processing and Cryptography Issues. In fact, Cisco phones are simple. They just need a tftp server to update its firmware and it doesnt even have to be located on the asteriskphone system itself. I was sitting around doing nothing at work yesterday and I started fiddling with my desk phone, a Cisco 7940 IP Phone. I changed the ringtone and reached the Network. This Cisco Unified IP Phone Firmware Distribution Methods white paper investigates the business and technical issues pertaining to a platform, solution, or technology. This guide will show you how to SIP and configure the Cisco 7940 79 7961 IP phones for the 3CX Phone System. CVE 1. 99. 9 1. CISCO 1. PIX Firewall established Command. CVE 1. 99. 9 1. CISCO 1. CRM Temporary File Vulnerability. CVE 1. 99. 9 1. CVE 1. CISCO 1. 99. 81. Cisco IOS Command History Release at Login Prompt. CVE 2. 00. 0 0. CISCO 1. Cisco IOS DFS Access List Leakage. CVE 1. 99. 9 1. CVE 1. CISCO 1. 99. 90. Cisco 7xx TCP and HTTP Vulnerabilities. CVE 1. 99. 9 0. CVE 1. CISCO 1. 99. 90. Cisco IOS Software established Access List Keyword Error. CVE 1. 99. 9 0. CISCO 1. Cisco Cache Engine Authentication Vulnerabilities. CVE 1. 99. 9 0. CVE 1. CVE 1. 99. 9 1. CISCO 2. Cisco Catalyst Enable Password Bypass Vulnerability. CVE 2. 00. 0 0. CISCO 2. Cisco IOS Software TELNET Option Handling Vulnerability. CVE 2. 00. 0 0. CISCO 2. Cisco IOS HTTP Server Vulnerability. CVE 2. 00. 0 0. CISCO 2. Cisco Secure PIX Firewall TCP Reset Vulnerability. CVE 2. 00. 0 0. CISCO 2. Possible Access Control Bypass and Denial of Service in Gigabit Switch Routers Using Gigabit Ethernet or Fast Ethernet Cards. CVE 2. 00. 0 0. CISCO 2. Multiple Vulnerabilities in Cisco. Secure ACS for Windows NT Server. CVE 2. 00. 0 1. CVE 2. CVE 2. 00. 0 1. CISCO 2. Cisco Secure PIX Firewall Mailguard Vulnerability. CVE 2. 00. 0 1. CISCO 2. Cisco IOS HTTP Server Query Vulnerability. CVE 2. 00. 0 0. CISCO 2. Multiple Vulnerabilities in CBOSCVE 2. CVE 2. 00. 1 0. CVE 2. CVE 2. 00. 1 0. CISCO 2. Cisco Catalyst Memory Leak Vulnerability. CVE 2. 00. 1 0. CISCO 2. Cisco Catalyst SSH Protocol Mismatch Vulnerability. CVE 2. 00. 1 0. CISCO 2. Cisco Content Services Switch Vulnerability. CVE 2. 00. 1 0. CVE 2. CISCO 2. 00. 10. Cisco IOS Software SNMP Read Write ILMI Community String Vulnerability. CVE 2. 00. 1 0. CISCO 2. Cisco IOS Software Multiple SNMP Community String Vulnerabilities. CVE 2. 00. 1 1. CISCO 2. Cisco IOS Software TCP Initial Sequence Number Randomization Improvements. CVE 2. 00. 1 0. CISCO 2. Access to the Cisco Aironet 3. Series Wireless Bridge via Web Interface. CVE 2. 00. 1 0. CISCO 2. VPN3. 00. 0 Concentrator TELNET Vulnerability. CVE 2. 00. 1 0. CISCO 2. Cisco Content Services Switch User Account Vulnerability. CVE 2. 00. 1 0. CISCO 2. VPN 3. 00. 0 Concentrator IP Options Vulnerability. CVE 2. 00. 1 0. CISCO 2. Catalyst 5. 00. 0 Series 8. Vulnerability. CVE 2. CISCO 2. 00. 10. Cisco IOS BGP Attribute Corruption Vulnerability. CVE 2. 00. 1 0. CISCO 2. Cisco Content Service Switch 1. Series FTP Vulnerability. CVE 2. 00. 1 0. CISCO 2. More Multiple Vulnerabilities in CBOSCVE 2. CVE 2. 00. 1 0. CVE 2. CVE 2. 00. 1 0. CISCO 2. IOS Reload after Scanning Vulnerability. CVE 2. 00. 1 0. CISCO 2. Cisco Content Service Switch 1. Series Web Management Vulnerability. CVE 2. 00. 1 0. CISCO 2. Cisco 6. 40. 0 NRP2 Telnet Vulnerability. CVE 2. 00. 1 0. CISCO 2. IOS HTTP authorization vulnerability. CVE 2. 00. 1 0. CISCO 2. Multiple SSH Vulnerabilities. CVE 1. 99. 9 1. CVE 2. CISCO 2. 00. 10. Vulnerabilities in Cisco SN 5. Storage Routers. CVE 2. Mitsubishi Vrf Software on this page. CVE 2. 00. 1 1. CISCO 2. Cisco IOS PPTP Vulnerability. CVE 2. 00. 1 1. CISCO 2. CBOS Web based Configuration Utility Vulnerability. CVE 2. 00. 1 1. CVE 2. CISCO 2. 00. 10. Cisco Secure Intrusion Detection System Signature Obfuscation Vulnerability. CVE 2. 00. 1 0. CISCO 2. Vulnerable SSL Implementation in i. CDNCVE 2. 00. 1 1. CISCO 2. 00. 10. Cisco PIX Firewall Manager File Exposure. CVE 1. 99. 9 0. CISCO 2. Cisco PIX Firewall Authentication Denial of Service Vulnerability. CVE 2. 00. 1 0. CISCO 2. ICMP Unreachable Vulnerability in Cisco 1. Series Internet Router. CVE 2. 00. 1 0. CISCO 2. Multiple Vulnerabilities in Access Control List Implementation for Cisco 1. Series Internet Router. CVE 2. 00. 1 0. CVE 2. CVE 2. 00. 1 0. CVE 2. CVE 2. 00. 1 0. CVE 2. CISCO 2. 00. 11. Cisco IOS ARP Table Overwrite Vulnerability. CVE 2. 00. 1 0. CISCO 2. A Vulnerability in IOS Firewall Feature Set. CVE 2. 00. 1 0. CISCO 2. Multiple Vulnerabilities in Cisco SN 5. Storage Routers. CVE 2. CVE 2. 00. 2 1. CVE 2. CISCO 2. 00. 20. Hardening of Solaris OS for MGCCVE 2. CISCO 2. 00. 20. Cisco Cat. OS Telnet Buffer Vulnerability. CVE 2. 00. 1 0. CISCO 2. Cisco Secure Access Control Server Novell Directory Service ExpiredDisabled User Authentication Vulnerability. CVE 2. 00. 2 0. CISCO 2. Cisco Security Advisory Data Leak with Cisco Express Forwarding. CVE 2. 00. 2 0. CISCO 2. LDAP Connection Leak in CTI when User Authentication Fails. CVE 2. 00. 2 0. CISCO 2. Vulnerability in the zlib Compression Library. CVE 2. 00. 2 0. CISCO 2. Web Interface Vulnerabilities in Cisco Secure ACS for Windows. CVE 2. 00. 2 0. CVE 2. CISCO 2. 00. 20. Aironet Telnet Vulnerability. CVE 2. 00. 2 0. CISCO 2. Microsoft IIS Vulnerabilities in Cisco Products MS0. CVE 2. 00. 2 0. CVE 2. CVE 2. 00. 2 0. CVE 2. CVE 2. 00. 2 0. CVE 2. CVE 2. 00. 2 0. CVE 2. CVE 2. 00. 2 0. CVE 2. CISCO 2. 00. 20. Content Service Switch Web Management HTTP Processing Vulnerabilities. CVE 2. 00. 2 0. CISCO 2. Multiple Vulnerabilities in Cisco IP Telephones. CVE 2. 00. 2 0. CVE 2. CVE 2. 00. 2 0. CISCO 2. ATA 1. 86 Password Disclosure Vulnerability. CVE 2. 00. 2 0. CISCO 2. CBOS Improving Resilience to Denial of Service Attacks. CVE 2. 00. 2 0. CISCO 2. Transparent Cache Engine and Content Engine TCP Relay Vulnerability. CVE 2. 00. 2 0. CISCO 2. Cable Modem Termination System Authentication Bypass. CVE 2. 00. 2 1. CISCO 2. Buffer Overflow in UNIX VPN Client. CVE 2. 00. 2 1. CISCO 2. Cisco ONS1. 54. 54 IP TOS Bit Vulnerability. CVE 2. 00. 2 0. CISCO 2. Scanning for SSH Can Cause a Crash. CVE 2. 00. 2 1. CISCO 2. Cisco Secure ACS Unix Acme. Information Disclosure Vulnerability. CVE 2. 00. 1 0. CISCO 2. TFTP Long Filename Vulnerability. CVE 2. 00. 2 0. CISCO 2. Cisco VPN 5. 00. 0 Series Concentrator RADIUS PAP Authentication Vulnerability. CVE 2. 00. 2 0. CISCO 2. Cisco VPN Client Multiple Vulnerabilities. CVE 2. 00. 2 0. CVE 2. CISCO 2. 00. 20. Cisco Content Service Switch 1. Series Web Management Vulnerability. CVE 2. 00. 2 0. CISCO 2. Cisco VPN 3. 00. 0 Concentrator Multiple Vulnerabilities. CVE 2. 00. 2 1. CVE 2. CVE 2. 00. 2 1. CVE 2. CVE 2. 00. 2 1. CVE 2. CVE 2. 00. 2 1. CVE 2. How to upgrade or convert a Cisco Ip 7. SIP or SCCPGetting Cisco phones working with asterisk may seem like a daunting procedure getting SIP firmware installed on the phone, loading up the the firmware files in the tftp server, fearing that you will somehow brick the phone by an incomplete firmware uploadBut I am here to reassure you that once you understand how Cisco phones update themselves, the fear and trepidation will subside. Cisco 7. 9xx IP Phone. In fact, Cisco phones are simple. They just need a tftp server to update its firmware and it doesnt even have to be located on the asteriskphone system itself. Cisco phones update in two stages. The bootloader, then the application. Once the bootloader is upgraded, all passwords and networking information on the phone will be wiped out. But what is essential in upgrading these phones is a DHCP server with option 1. DHCP server hands out the regular ip address to the phone. Without an auto provisioned tftp server address, the phone will only complete half the upgrade and come up with an error message of protocol application invalid. This just means that the phone could not complete the second half of the upgrade and needs the tftp ip address to be specified. Only problem is since there is no application running, there is no place to specify the address Thank goodness for DHCP option 1. IP address after loading the bootloader. Below are instructions to upgradeconvert any Cisco 7. IP phone to any firmware you want from the Cisco web site SIPSCCP, and to recover any cisco phone which may have screwed up somehow while upgrading firmware like if you get the protocol application invalid message. Step 1 Download Cisco phone firmware. Cisco may require you to have a smartnet contract before you download the firmware, but if you do not have one, there are firmware files available on the internet. Ive provided two sources below. Goto http www. Download the firmware for the specific phone you are using. SIP 7. 96. 0 for phone firmware. Download the. zip file and extract it to a directory. If you are downloading an older version of the SIPSCCP firmware and it only comes in a. Just rename the extension to. Extracted files in a folder. You will have several files in this directory. If you just have one, you must remember to extract all the files. Step 2 Download and configure the DHCPTFTP server. We are going to use a windows based machine and load tftpdhcp software on it which will make our windows machine a server for our phones. Go here to download the tftpdhcp server http tftpd. Download and install version 3. YOU MUST DOWNLOAD AND INSTALL THIS VERSION. I have had many people complaining about their phones not obtaining a correct ip address and also the files not being sent correctly. Every one of these problems was due to using the incorrect version andor having their firewall on. You will also have to configure your windows machine to use ip address of 1. Youll configure this tftp server to host the upgrade files via tftp server theres an option to configure the working directory in the program to use for the stored firmware files on the windows machine this must be set correctly. Under DHCP server within the tftp. SAVE IP pool starting address as 1. Size of pool as 2. Default router as 1. Mask as 2. 55. 2. Additional option, enter 1. A8. C0 in the second box this number is 1. Hexadecimal. TFTP example. Putting it all togethera. Now, there are a few things to consider when upgrading 7. But the rule of thumb, is that if you have SCCP on your phone youll need to use a XMLDefault. For the rest of this guide I will just assume you want to convert SCCP to SIP. The easiest way to get SIP on your phone is to install a universal application bootloader. Ive found that SCCP version 8. P0. 03. 08. 00. 09. SIP and SCCP loads without a hitch. So the best thing to do is to upgrade your SCCP phone with a newer SCCP load before switching over to SIP. If you have a very old version of SCCP, you will find that you cannot immediately upgrade to this version. If that is the case, just load version 3 P0. P0. 03. 05. 00. 05. P0. 03. 08. 00. 09. To do this you have to download those firmware versions and just extract them all into one directory. Now download and place this file into your firmware directory. XMLDefault. cnf. xml right click on linksave target as this file contains the text belowlt Default lt call. Manager. Group lt members lt member priority0 lt call. Manager lt ports lt ethernet. Phone. Port 2. Phone. Port lt mgcp. Ports lt listen 2. Alive 2. 42. 8lt keep. Alive lt mgcp. Ports lt ports lt process. Node. Name lt process. Node. Name lt call. Manager lt member lt members lt call. Manager. Group lt load. Information SCCP4. Slt load. Information lt authentication. URL lt authentication. URL lt directory. URL lt directory. URL lt idle. URL lt idle. URL lt information. URL lt information. URL lt messages. URL lt messages. URL lt services. URL lt services. URL lt Default After you have downloaded the file, edit the load. Information tag within the XMLDefault. Do not add the file name extension, just the name of the file ig. Information P0. Information. Save and proceed to the next step. Next plug in the phone by crossover cable or ethernet switch to the computer you are running this server from make sure you disconnect any device attached to the network which resolves an ip through dhcp, as this will conflict with any other dhcp server on the network. Power Cycle the phone and clear the configuration by holding down the key and then plugging in the phone. After all the lights cycle on the phone, release the key and press 1. The lights will turn red, but if they dont, repeat this step. The phone will then wipe the flash and load whatever firmware is specified in the tftpd. This will clear all settings on the phone and set it to defaults. Upon reboot, the phone will grab an ip address from the dhcp server on the windows machine running the dhcp server. Tftpd. 32 will also assign an ip address for the tftp server to the phone using option 1. If you are doing an incremental upgrade to get to version 8. XMLDefault. cnf. xml file with the next version of firmware and save, then reboot the phone after it has completed loading both the bootloader and application. The phone should find that it needs to upgrade itself until you stop editing the file with new firmware information. After the phone gets to SCCP version 8. SIP firmware you want, and then extract it into a seperate directory. Point the tftpd. 32 program to use that directory, copy the XMLDefault. Information tag with the POS xxx filename which is located in that directory and reboot the phone. The phone will automatically switch over to loading the SIP firmware. You can check the events viewer within tftpd. The 7. 917. 927. If the phones just sit like they arent doing anything, wait a bit longer and they should come back up. Its not uncommon for one phone to take up to 4 5 minutes to complete the entire process. Thats all there is to it, and now that the phone has a good universal application bootloader, you will have no trouble switching between SCCP and SIP by just pointing the phone to the appropriate directory.