PT-2009-2034 · Nortel · Nortel Communication Server 1000

Published

2009-03-31

Updated

2017-08-17

CVE-2008-6564

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Nortel Communication Server 1000 (affected versions not specified)

Description The issue concerns the Nortel UNIStim protocol, which is used in Communication Server 1000 and other products. It uses predictable sequence numbers, allowing remote attackers to hijack sessions via sniffing or brute force attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2008-6564

Affected Products

Nortel Communication Server 1000

PT-2009-2034 · Nortel · Nortel Communication Server 1000

CVE-2008-6564

Related Identifiers

Affected Products

References · 8