Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6564

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2008-6564
Last Modified 18 Apr 2009 01:45:45
Published 31 Mar 2009 01:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2008-6564

Summary

Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attacks.

Vulnerable Systems

Application

  • Nortel Communication Server 1000


References

XF - nortel-unistim-dos(41801)

MISC - http://www.voipshield.com/research-details.php?id=27&s=4&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC

SECTRACK - 1019847

BID - 28691

CONFIRM - http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455

SECUNIA - 29747

OSVDB - 44379


Last Updated: 27 May 2016 10:49:14