Nortel IP Phones UNIStim Messages Denial of Service Vulnerability

Bugtraq ID:	26122
Class:	Design Error
CVE:	CVE-2007-5639
Remote:	Yes
Local:	No
Published:	Oct 18 2007 12:00AM
Updated:	May 07 2015 05:34PM
Credit:	Daniel Stirnimann is credited with the discovery of this vulnerability.
Vulnerable:	Nortel Networks WLAN Handset 6140 Nortel Networks WLAN Handset 6120 Nortel Networks WLAN Handset 2212 Nortel Networks WLAN Handset 2211 Nortel Networks WLAN Handset 2210 Nortel Networks Mobile Voice Client 2050 Nortel Networks IP softphone 2050 Nortel Networks IP Phone 200x Nortel Networks IP Phone 1150E Nortel Networks IP Phone 1140E Nortel Networks IP Phone 1120E Nortel Networks IP Phone 1110 Nortel Networks IP Audio Conference Phone 2033
Not Vulnerable:

Nortel IP Phones UNIStim Messages Denial of Service Vulnerability

Nortel IP Phones are prone to a denial-of-service vulnerability because the devices fail to handle specially crafted IP packets. Affected IP Phones include:

IP Phone 1140E
IP Softphone 2050
IP Audio Conf Phone 2033
IP Phone 1100 series
IP Phone 200x
Mobile Voice Client 2050
WLAN Handset 2210, 2211, 2212, 6120, 6140

An attacker can exploit this issue to crash an affected device, denying service to legitimate users.

Nortel IP Phones UNIStim Messages Denial of Service Vulnerability

An attacker can exploit this issue by using readily available network utilities.

Nortel IP Phones UNIStim Messages Denial of Service Vulnerability

Solution:
The vendor released an advisory to address this issue and is currently conducting further investigation. Please see the references for more information.

Nortel IP Phones UNIStim Messages Denial of Service Vulnerability

References:

• Nortel Networks Homepage (Nortel Networks)
  
• Nortel IP Phone Flooding Denial of Service ([email protected])
  
• Nortel Security Advisory 2007008386, Rev 1 (Nortel)