PT-2007-3666 · Nortel · Nortel Vpn Router

Published

2007-04-27

Updated

2011-03-08

CVE-2007-2333

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Nortel VPN Router (aka Contivity) versions 1000, 2000, 4000, and 5000 before 5 05.149 Nortel VPN Router (aka Contivity) versions 5 05.3xx before 5 05.304 Nortel VPN Router (aka Contivity) versions 6.x before 6 05.140

Description The issue allows remote attackers to access the private network due to the inclusion of default accounts FIPSecryptedtest1219 and FIPSunecryptedtest1219 in the LDAP template.

Recommendations For versions before 5 05.149, update to version 5 05.149 or later. For versions 5 05.3xx before 5 05.304, update to version 5 05.304 or later. For versions 6.x before 6 05.140, update to version 6 05.140 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2333

Affected Products

Nortel Vpn Router

PT-2007-3666 · Nortel · Nortel Vpn Router

CVE-2007-2333

Related Identifiers

Affected Products

References · 8