Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5637

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5637
Last Modified 15 Nov 2008 02:01:38
Published 23 Oct 2007 01:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5637

Summary

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables "surveillance mode." NOTE: issues relating to a small ID number space can be leveraged to make this attack easier.

Vulnerable Systems

Application

  • Nortel Business Communications Manager 1000

  • Nortel Business Communications Manager 200

  • Nortel Business Communications Manager 400

  • Nortel Business Communications Manager 50

  • Nortel Business Communications Manager 50a

  • Nortel Business Communications Manager 50e

  • Nortel Business Communications Manager Srg200

  • Nortel Business Communications Manager Srg50

  • Nortel Centrex Ip Client Manager

  • Nortel Centrex Ip Element Manager

  • Nortel Meridian Option 11c

  • Nortel Meridian Option 51c

  • Nortel Meridian Option 61c

  • Nortel Meridian Option 81c

  • Nortel Meridian Sl100 Cs2100

  • Nortel Mobile Voice Client 2050


References

BID - 26120

CONFIRM - http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654714

XF - nortel-ipphone-unistim-audio-hijacking(37255)

CONFIRM - http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022870-01.pdf

BUGTRAQ - 20071018 Nortel IP Phone Surveillance Mode

MISC - http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1.0.txt

SECUNIA - 27234

OSVDB - 41769

SREASON - 3272


Last Updated: 27 May 2016 10:46:14