Nortel Networks UNIStim IP Softphone RTCP Port Buffer Overflow Vulnerability

Bugtraq ID:	26118
Class:	Boundary Condition Error
CVE:	CVE-2007-5636
Remote:	Yes
Local:	No
Published:	Oct 18 2007 12:00AM
Updated:	May 07 2015 05:34PM
Credit:	Cyrill Brunschwiler is credited with discovering this issue.
Vulnerable:	Nortel Networks IP softphone 2050
Not Vulnerable:

Nortel Networks UNIStim IP Softphone RTCP Port Buffer Overflow Vulnerability

Nortel Networks UNIStim IP Softphone is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Nortel Networks UNIStim IP Softphone RTCP Port Buffer Overflow Vulnerability

The following proof-of-concept exploit code is available:

• /data/vulnerabilities/exploits/26118.java

Nortel Networks UNIStim IP Softphone RTCP Port Buffer Overflow Vulnerability

Solution:
The vendor released an advisory to address this issue and is currently conducting further investigation. Please see the references for more information.

Nortel Networks UNIStim IP Softphone RTCP Port Buffer Overflow Vulnerability

References:

• Nortel UNIStim IP Softphone Buffer-Overflow ([email protected])
  
• Nortel Networks Homepage (Nortel Networks)
  
• UNIStim IP Softphone - Potential Vulnerability Due to Buffer Overflow (Nortel Networks)