CVE-2007-5640
Summary
| CVE | CVE-2007-5640 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-10-23 17:46:00 UTC |
| Updated | 2018-10-15 21:45:00 UTC |
| Description | The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), Mobile Voice Client, and other product lines, allow remote attackers to block calls and force re-registration via a resume message to the Signaling Server that has a spoofed source IP address for the phone. NOTE: the attack is more disruptive if a new spoofed resume message is sent after each re-registration. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Nortel | Business Communications Manager | 1000 | All | All | All |
| Application | Nortel | Business Communications Manager | 200 | All | All | All |
| Application | Nortel | Business Communications Manager | 400 | All | All | All |
| Application | Nortel | Business Communications Manager | 50 | All | All | All |
| Application | Nortel | Business Communications Manager | 50a | All | All | All |
| Application | Nortel | Business Communications Manager | 50e | All | All | All |
| Application | Nortel | Business Communications Manager | srg200 | All | All | All |
| Application | Nortel | Business Communications Manager | srg50 | All | All | All |
| Application | Nortel | Business Communications Manager | 1000 | All | All | All |
| Application | Nortel | Business Communications Manager | 200 | All | All | All |
| Application | Nortel | Business Communications Manager | 400 | All | All | All |
| Application | Nortel | Business Communications Manager | 50 | All | All | All |
| Application | Nortel | Business Communications Manager | 50a | All | All | All |
| Application | Nortel | Business Communications Manager | 50e | All | All | All |
| Application | Nortel | Business Communications Manager | srg200 | All | All | All |
| Application | Nortel | Business Communications Manager | srg50 | All | All | All |
| Application | Nortel | Centrex Ip Client Manager | All | All | All | All |
| Application | Nortel | Centrex Ip Client Manager | All | All | All | All |
| Application | Nortel | Centrex Ip Element Manager | All | All | All | All |
| Application | Nortel | Centrex Ip Element Manager | All | All | All | All |
| Application | Nortel | Communications Server | 1000e | All | All | All |
| Application | Nortel | Communications Server | 1000m | All | All | All |
| Application | Nortel | Communications Server | 1000s | All | All | All |
| Application | Nortel | Communications Server | 2100 | All | All | All |
| Application | Nortel | Communications Server | 1000e | All | All | All |
| Application | Nortel | Communications Server | 1000m | All | All | All |
| Application | Nortel | Communications Server | 1000s | All | All | All |
| Application | Nortel | Communications Server | 2100 | All | All | All |
| Hardware | Nortel | Ip Audio Conference Phone 2033 | All | All | All | All |
| Hardware | Nortel | Ip Audio Conference Phone 2033 | All | All | All | All |
| Hardware | Nortel | Ip Phone 1110 | All | All | All | All |
| Hardware | Nortel | Ip Phone 1110 | All | All | All | All |
| Hardware | Nortel | Ip Phone 1120e | All | All | All | All |
| Hardware | Nortel | Ip Phone 1120e | All | All | All | All |
| Hardware | Nortel | Ip Phone 1140e | All | All | All | All |
| Hardware | Nortel | Ip Phone 1140e | All | All | All | All |
| Hardware | Nortel | Ip Phone 1150e | All | All | All | All |
| Hardware | Nortel | Ip Phone 1150e | All | All | All | All |
| Hardware | Nortel | Ip Phone 2001 | All | All | All | All |
| Hardware | Nortel | Ip Phone 2001 | All | All | All | All |
| Hardware | Nortel | Ip Phone 2002 | All | All | All | All |
| Hardware | Nortel | Ip Phone 2002 | All | All | All | All |
| Hardware | Nortel | Ip Phone 2004 | All | All | All | All |
| Hardware | Nortel | Ip Phone 2004 | All | All | All | All |
| Hardware | Nortel | Ip Phone 2007 | All | All | All | All |
| Hardware | Nortel | Ip Phone 2007 | All | All | All | All |
| Application | Nortel | Meridian Option 11c | All | All | All | All |
| Application | Nortel | Meridian Option 11c | All | All | All | All |
| Application | Nortel | Meridian Option 51c | All | All | All | All |
| Application | Nortel | Meridian Option 51c | All | All | All | All |
| Application | Nortel | Meridian Option 61c | All | All | All | All |
| Application | Nortel | Meridian Option 61c | All | All | All | All |
| Application | Nortel | Meridian Option 81c | All | All | All | All |
| Application | Nortel | Meridian Option 81c | All | All | All | All |
| Application | Nortel | Meridian Sl100 | cs2100 | All | All | All |
| Application | Nortel | Meridian Sl100 | cs2100 | All | All | All |
| Application | Nortel | Mobile Voice Client 2050 | All | All | All | All |
| Application | Nortel | Mobile Voice Client 2050 | All | All | All | All |
| Application | Nortel | Multimedia Communication Server 5100 | All | All | All | All |
| Application | Nortel | Multimedia Communication Server 5100 | All | All | All | All |
| Application | Nortel | Multimedia Communication Server 5200 | All | All | All | All |
| Application | Nortel | Multimedia Communication Server 5200 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 2210 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 2210 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 2211 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 2211 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 2212 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 2212 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 6120 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 6120 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 6140 | All | All | All | All |
| Hardware | Nortel | Wlan Handset 6140 | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Nortel UNIStim IP Phone Remote Denial of Service Vulnerability | BID | www.securityfocus.com | |
| Nortel IP Phone forced re-authentication - SecurityReason.com | SREASON | securityreason.com | |
| 404 - Compass Security AG | MISC | www.csnc.ch | Exploit |
| 41772 | OSVDB | osvdb.org | |
| Nortel Products Multiple Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| Nortel: Technical Support: DoS Potential Vulnerability - UNIStim IP Phone Forced to Re-register | CONFIRM | support.nortel.com | Patch |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.