Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2007-5640

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), Mobile Voice Client, and other product lines, allow remote attackers to block calls and force re-registration via a resume message to the Signaling Server that has a spoofed source IP address for the phone. NOTE: the attack is more disruptive if a new spoofed resume message is sent after each re-registration.

Published

2007-10-23T17:46:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.1 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

6.9

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	nortel	multimedia_communication_server_5100	*	No
Application	nortel	multimedia_communication_server_5200	*	No
Application	nortel	communications_server	1000e	No
Application	nortel	communications_server	1000m	No
Application	nortel	communications_server	1000s	No
Application	nortel	communications_server	2100	No
Hardware	nortel	ip_audio_conference_phone_2033	*	No
Hardware	nortel	ip_phone_1110	*	No
Hardware	nortel	ip_phone_1120e	*	No
Hardware	nortel	ip_phone_1140e	*	No
Hardware	nortel	ip_phone_1150e	*	No
Hardware	nortel	ip_phone_2001	*	No
Hardware	nortel	ip_phone_2002	*	No
Hardware	nortel	ip_phone_2004	*	No
Hardware	nortel	ip_phone_2007	*	No
Hardware	nortel	wlan_handset_2210	*	No
Hardware	nortel	wlan_handset_2211	*	No
Hardware	nortel	wlan_handset_2212	*	No
Hardware	nortel	wlan_handset_6120	*	No
Hardware	nortel	wlan_handset_6140	*	No
Application	nortel	business_communications_manager	50	Yes
Application	nortel	business_communications_manager	50a	Yes
Application	nortel	business_communications_manager	50e	Yes
Application	nortel	business_communications_manager	200	Yes
Application	nortel	business_communications_manager	400	Yes
Application	nortel	business_communications_manager	1000	Yes
Application	nortel	business_communications_manager	srg50	Yes
Application	nortel	business_communications_manager	srg200	Yes
Application	nortel	centrex_ip_client_manager	*	Yes
Application	nortel	centrex_ip_element_manager	*	Yes
Application	nortel	meridian_option_11c	*	Yes
Application	nortel	meridian_option_51c	*	Yes
Application	nortel	meridian_option_61c	*	Yes
Application	nortel	meridian_option_81c	*	Yes
Application	nortel	meridian_sl100	cs2100	Yes
Application	nortel	mobile_voice_client_2050	*	Yes

References

http://osvdb.org/41772 ([email protected])
http://secunia.com/advisories/27234 Vendor Advisory ([email protected])
http://securityreason.com/securityalert/3274 ([email protected])
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654641 Patch ([email protected])
http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_forced_re-authentication_v1.0.txt Exploit ([email protected])
http://www.securityfocus.com/archive/1/482481/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/26124 ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/37254 ([email protected])
http://osvdb.org/41772 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/27234 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securityreason.com/securityalert/3274 (af854a3a-2127-422b-91ae-364da2661108)
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654641 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_forced_re-authentication_v1.0.txt Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/482481/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/26124 (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37254 (af854a3a-2127-422b-91ae-364da2661108)