PT-2009-2034 · Nortel · Nortel Communication Server 1000

Publicado

2009-03-31

Atualizado

2017-08-17

CVE-2008-6564

CVSS v2.0

7.6

Alta

Vetor

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Nortel Communication Server 1000 (affected versions not specified)

Description The issue concerns the Nortel UNIStim protocol, which is used in Communication Server 1000 and other products. It uses predictable sequence numbers, allowing remote attackers to hijack sessions via sniffing or brute force attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2008-6564

Produtos afetados

Nortel Communication Server 1000

PT-2009-2034 · Nortel · Nortel Communication Server 1000

CVE-2008-6564

Identificadores relacionados

Produtos afetados

Referências · 8