PT-2007-6648 · Nortel · Business Communications Manager+2

Daniel Stirnimann

Publicado

2007-10-23

Atualizado

2018-10-15

CVE-2007-5638

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Nortel UNIStim IP Softphone 2050 (affected versions not specified) Nortel IP Phone 1140E (affected versions not specified) Other Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines (affected versions not specified)

Description The issue allows remote attackers to guess the RUDP ID and spoof messages due to the limited number of different values used in the 32-bit ID number field of an RUDP datagram. This can be leveraged for an eavesdropping attack by sending many Open Audio Stream messages.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200CWE-310

Identificadores relacionados

CVE-2007-5638

Produtos afetados

Business Communications Manager

Ip Phone 1140E

Unistim Ip Softphone 2050

PT-2007-6648 · Nortel · Business Communications Manager+2

CVE-2007-5638

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9