Nortel VPN Routers Multiple Remote Unauthorized Access Vulnerabilities
BID:23562
Info
Nortel VPN Routers Multiple Remote Unauthorized Access Vulnerabilities
| Bugtraq ID: | 23562 |
| Class: | Design Error |
| CVE: |
CVE-2007-2333 CVE-2007-2334 CVE-2007-2332 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 19 2007 12:00AM |
| Updated: | Jul 06 2016 02:39PM |
| Credit: | Detack GmbH is credited with discovering these issues. |
| Vulnerable: |
Nortel Networks VPN Router 5000 Nortel Networks VPN Router 2700 Nortel Networks VPN Router 1750 0 Nortel Networks VPN Router 1740 Nortel Networks VPN Router 1700 Nortel Networks VPN Router 1100 Nortel Networks VPN Router 1050 Nortel Networks VPN Router 1010 Nortel Networks Contivity 4000 VPN Switch Nortel Networks Contivity 2000 VPN Switch Nortel Networks Contivity 1000 VPN Switch |
| Not Vulnerable: | |
Discussion
Nortel VPN Routers Multiple Remote Unauthorized Access Vulnerabilities
Nortel VPN routers are prone to multiple remote unauthorized-access vulnerabilities due to design errors.
Successful exploits will allow attackers to access administrative functionality and completely compromise vulnerable devices or gain direct access to the private network.
This issue affects all model numbers for Nortel VPN Routers 1000, 2000, 4000, 5000. Nortel VPN routers were formerly known as Contivity.
Nortel VPN routers are prone to multiple remote unauthorized-access vulnerabilities due to design errors.
Successful exploits will allow attackers to access administrative functionality and completely compromise vulnerable devices or gain direct access to the private network.
This issue affects all model numbers for Nortel VPN Routers 1000, 2000, 4000, 5000. Nortel VPN routers were formerly known as Contivity.
Exploit / POC
Nortel VPN Routers Multiple Remote Unauthorized Access Vulnerabilities
Attackers may exploit these issues via a browser or through readily available networking tools.
Attackers may exploit these issues via a browser or through readily available networking tools.
Solution / Fix
Nortel VPN Routers Multiple Remote Unauthorized Access Vulnerabilities
Solution:
Nortel released an advisory and fixes to address these issues. Please see the references for details.
Solution:
Nortel released an advisory and fixes to address these issues. Please see the references for details.
References
Nortel VPN Routers Multiple Remote Unauthorized Access Vulnerabilities
References:
References:
- Contivity Product Information (Nortel Networks)
- Nortel Networks Homepage (Nortel Networks)
- VPN Router Security Issue - Unauthorized Remote Access (Nortel Networks)