Gus Bourg

Name of the Vulnerable Software and Affected Versions: Nortel Networks CallPilot and Meridian Mail voicemail systems (affected versions not specified) Description: The issue allows remote attackers to retrieve or remove messages, or reconfigure the mailbox, by spoofing Calling Number Identification (CNID, aka Caller ID) when a mailbox has auto logon enabled. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Sprint Nextel Sprint voice mail systems (affected versions not specified) Description: The issue allows remote attackers to access and manipulate voice mail messages by spoofing Calling Number Identification (CNID, aka Caller ID), enabling them to retrieve or remove messages, or reconfigure mailboxes. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Alcatel-Lucent Lucent Technologies voice mail systems (affected versions not specified) Description: The issue allows remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID). Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: T-Mobile voice mail system (affected versions not specified) Description: The issue allows remote attackers to access and manipulate voice mail messages by spoofing Calling Number Identification (CNID, aka Caller ID), enabling them to retrieve or remove messages, or reconfigure mailboxes. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.