Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5591

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2007-5591
Last Modified 05 Apr 2011 12:00:00
Published 19 Oct 2007 07:17:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5591

Summary

The CS1000 signaling server in Nortel Enterprise VoIP-Core-CS 1000M Chassis/Cabinet, Enterprise VoIP-Core-CS 1000E and 1000S, Meridian-Core-Option 11C Chassis and Cabinet, and Meridian-Core-Option 51C, 61C, and 81C allows remote attackers to cause a denial of service (telephony application outage) via a flood of packets to Embedded LAN (ELAN) ports.

Vulnerable Systems

Application

  • Nortel Meridian Option 11c

  • Nortel Meridian Option 51c

  • Nortel Meridian Option 61c

  • Nortel Meridian Option 81c

  • Nortel Voip-core-cs 1000e

  • Nortel Voip-core-cs 1000m

  • Nortel Voip-core-cs 1000s


References

XF - nortel-cs1000-elan-dos(37252)

VUPEN - ADV-2007-3536

BID - 26113

BUGTRAQ - 20071018 Nortel Telephony Server Denial of Service

MISC - http://www.csnc.ch/static/advisory/csnc/nortel_telephony_server_denial_of_service_v1.0.txt

CONFIRM - http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655204

SECUNIA - 27282

OSVDB - 41799


Last Updated: 27 May 2016 10:46:13