Multiple Nortel Products Multiple Denial of Service Vulnerabilities
BID:29941
Info
Multiple Nortel Products Multiple Denial of Service Vulnerabilities
| Bugtraq ID: | 29941 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 25 2008 12:00AM |
| Updated: | Jun 25 2008 12:00AM |
| Credit: | VoIPshield Systems Inc. |
| Vulnerable: |
Nortel Networks SIP Multimedia PC Client 4.0 Nortel Networks Multimedia Comm MCS5200 Nortel Networks Multimedia Comm MCS5100 Nortel Networks Meridian 1 - Option 81C 0 Nortel Networks Meridian 1 - Option 61C 0 Nortel Networks Meridian 1 - Option 51C 0 Nortel Networks Meridian 1 - Option 11C 0 Nortel Networks Meridian 1 - Option11C Mini Nortel Networks MCS5100 - Sun Platform 0 Nortel Networks MCS 5100 3.0 Nortel Networks Communications Server 1000 4.50 Nortel Networks Communications Server 1000 Nortel Networks Communication Server 1000S Nortel Networks Communication Server 1000M Cabinet/Chassi Nortel Networks Communication Server 1000E |
| Not Vulnerable: | |
Discussion
Multiple Nortel Products Multiple Denial of Service Vulnerabilities
Multiple Nortel products are prone to multiple denial-of-service vulnerabilities.
Nortel Multimedia Communications Server 5100 and SIP Multimedia PC Client are prone to denial-of-service vulnerabilities that occur when the applications handle excessive amounts of network communications.
Nortel Communications Server 1000 is prone to a denial-of-service when processing an overly large command argument.
Successful denial-of-service exploits will deny access to legitimate users.
The following products are affected:
Communications Server 1000 versions in the 4.50.0 series.
Multimedia Communications Server 5100 versions in the 3.0 series.
SIP Multimedia PC Client versions in the 4.0 series.
Multiple Nortel products are prone to multiple denial-of-service vulnerabilities.
Nortel Multimedia Communications Server 5100 and SIP Multimedia PC Client are prone to denial-of-service vulnerabilities that occur when the applications handle excessive amounts of network communications.
Nortel Communications Server 1000 is prone to a denial-of-service when processing an overly large command argument.
Successful denial-of-service exploits will deny access to legitimate users.
The following products are affected:
Communications Server 1000 versions in the 4.50.0 series.
Multimedia Communications Server 5100 versions in the 3.0 series.
SIP Multimedia PC Client versions in the 4.0 series.
Exploit / POC
Multiple Nortel Products Multiple Denial of Service Vulnerabilities
Attackers can leverage these issues using readily available networking utilities.
Attackers can leverage these issues using readily available networking utilities.
Solution / Fix
Multiple Nortel Products Multiple Denial of Service Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Multiple Nortel Products Multiple Denial of Service Vulnerabilities
References:
References:
- Nortel Networks Homepage (Nortel Networks)
- Nortel Response to VSRNT-2008-008 - Nortel MCS 5100 Wireless Client Manager Ses (Nortel Networks)
- CS1000 Oversized Command DoS (VoIPshield Systems Inc)
- MCS5100 Wireless Client Manager Session Initiation Protocol Proxy DoS (VoIPshield Systems Inc)
- Nortel Response to VSRNT-2008-006 - Nortel Communications Server 1000 Oversized (Nortel Networks)
- Nortel Response to VSRNT-2008-007 - Nortel SIP Multimedia PC Client Unlimited Se (Nortel Networks)
- SIP Multimedia PC Client Unauthenticated Cross Domain Access (VoIPshield Systems Inc)
- SIP Multimedia PC Client Unlimited Session DoS (VoIPshield Systems Inc)