Nortel Telephony Server Denial of Service Oct 18 2007 12:31PM
daniel stirnimann csnc ch
#############################################################

#

# COMPASS SECURITY ADVISORY http://www.csnc.ch/

#

#############################################################

#

# Product: Telephony Server

# Vendor: Nortel

# Subject: Telephony Server Denial of Service

# Risk: High

# Effect: Currently exploitable

# Author: Cyrill Brunschwiler (cyrill.brunschwiler (at) csnc (dot) ch

# Date: October, 18th 2007

#

#############################################################

Introduction:

-------------

A malicious user who can send a flood of packets to specific E-LAN ports on the Telephony Server is able to crash the telephony application. The server needs to be rebooted to resume normal operation.

Nortel has noted this as:

Title: Potential CS1000 DoS Vulnerability

Number: 2007008384

http://support.nortel.com/go/main.jsp?cscat=SECUREADVISORY

Vulnerable:

-----------

Communication Server 1000

and others.

See associated products on the Nortel advisory.

Vulnerability Management:

-------------------------

June 2007: Vulnerability found

June 2007: Nortel Security notified

October 2007: Nortel Advisory available

October 2007: Compass Security Information

Remediation:

------------

Follow the recommended actions for the affected systems, as identified in the Nortel Advisory.

Reference:

http://www.csnc.ch/static/advisory/secadvisorylist.html

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus