Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5640

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2007-5640
Last Modified 15 Nov 2008 02:01:40
Published 23 Oct 2007 01:46:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5640

Summary

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), Mobile Voice Client, and other product lines, allow remote attackers to block calls and force re-registration via a resume message to the Signaling Server that has a spoofed source IP address for the phone. NOTE: the attack is more disruptive if a new spoofed resume message is sent after each re-registration.

Vulnerable Systems

Application

  • Nortel Business Communications Manager 1000

  • Nortel Business Communications Manager 200

  • Nortel Business Communications Manager 400

  • Nortel Business Communications Manager 50

  • Nortel Business Communications Manager 50a

  • Nortel Business Communications Manager 50e

  • Nortel Business Communications Manager Srg200

  • Nortel Business Communications Manager Srg50

  • Nortel Centrex Ip Client Manager

  • Nortel Centrex Ip Element Manager

  • Nortel Meridian Option 11c

  • Nortel Meridian Option 51c

  • Nortel Meridian Option 61c

  • Nortel Meridian Option 81c

  • Nortel Meridian Sl100 Cs2100

  • Nortel Mobile Voice Client 2050


References

CONFIRM - http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654641

XF - nortel-ipphone-register-dos(37254)

BID - 26124

BUGTRAQ - 20071018 Nortel IP Phone forced re-authentication

MISC - http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_forced_re-authentication_v1.0.txt

SECUNIA - 27234

OSVDB - 41772

SREASON - 3274


Last Updated: 27 May 2016 10:46:14