Nortel Meridian/CS 1000 Unspecified Remote Denial of Service Vulnerability
BID:24131
Info
Nortel Meridian/CS 1000 Unspecified Remote Denial of Service Vulnerability
| Bugtraq ID: | 24131 |
| Class: | Unknown |
| CVE: |
CVE-2007-2886 |
| Remote: | Yes |
| Local: | No |
| Published: | May 23 2007 12:00AM |
| Updated: | May 07 2015 05:37PM |
| Credit: | Eldon Sprickerhoff and Richard Gowman reported this issue to the vendor. |
| Vulnerable: |
Nortel Networks Communication Server 1000S Nortel Networks Communication Server 1000M Single Group Nortel Networks Communication Server 1000M Multi-Group Nortel Networks Communication Server 1000M Half Group Nortel Networks Communication Server 1000M Cabinet/Chassi Nortel Networks Communication Server 1000E |
| Not Vulnerable: | |
Discussion
Nortel Meridian/CS 1000 Unspecified Remote Denial of Service Vulnerability
Nortel Meridian/CS 1000 products are reportedly prone to a remote denial-of-service vulnerability. The specific content and type of network traffic sufficient to trigger this issue are currently unknown.
Reports indicate that this issue is exploitable only when an attack is sent directly to an affected media card. The method to accomplish this is currently unknown; we will update this BID with more information as it becomes available.
Nortel Meridian CS/Communication Server 1000E, 1000M Cabinet/Chassis, 1000M Half Group, 1000M Single Group, 1000M Multi-Group, and 1000S are reported vulnerable.
Nortel Meridian/CS 1000 products are reportedly prone to a remote denial-of-service vulnerability. The specific content and type of network traffic sufficient to trigger this issue are currently unknown.
Reports indicate that this issue is exploitable only when an attack is sent directly to an affected media card. The method to accomplish this is currently unknown; we will update this BID with more information as it becomes available.
Nortel Meridian CS/Communication Server 1000E, 1000M Cabinet/Chassis, 1000M Half Group, 1000M Single Group, 1000M Multi-Group, and 1000S are reported vulnerable.
Exploit / POC
Nortel Meridian/CS 1000 Unspecified Remote Denial of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Nortel Meridian/CS 1000 Unspecified Remote Denial of Service Vulnerability
Solution:
The vendor has released a patch that addresses this issue. Information on how to obtain PatchID MPLR 23899 is contained within Nortel Networks security advisory 2007007996, Rev 1. Please see the vendor references or security advisory for details.
Solution:
The vendor has released a patch that addresses this issue. Information on how to obtain PatchID MPLR 23899 is contained within Nortel Networks security advisory 2007007996, Rev 1. Please see the vendor references or security advisory for details.
References
Nortel Meridian/CS 1000 Unspecified Remote Denial of Service Vulnerability
References:
References:
- Nortel Meridian/CS 1000 Homepage (Nortel Networks)
- Potential Denial of Service Attack Vulnerability on Meridian/CS 1000 (Nortel Networks)