CVE-2007-5637: Infoleak
First published: Tue Oct 23 2007(Updated: )
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables "surveillance mode." NOTE: issues relating to a small ID number space can be leveraged to make this attack easier.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nortel Multimedia Communication Server 5100 | ||
| Nortel Multimedia Communication Server 5200 | ||
| Nortel Communications Server | =1000e | |
| Nortel Communications Server | =1000m | |
| Nortel Communications Server | =1000s | |
| Nortel Communications Server | =2100 | |
| Nortel Ip Audio Conference Phone 2033 | ||
| Nortel Ip Phone 1110 | ||
| Nortel Ip Phone 1120e | ||
| Nortel Ip Phone 1140e | ||
| Nortel Ip Phone 1150e | ||
| Nortel Ip Phone 2001 | ||
| Nortel Ip Phone 2002 | ||
| Nortel Ip Phone 2004 | ||
| Nortel Ip Phone 2007 | ||
| Nortel Wlan Handset 2210 | ||
| Nortel Wlan Handset 2211 | ||
| Nortel Wlan Handset 2212 | ||
| Nortel Wlan Handset 6120 | ||
| Nortel Wlan Handset 6140 | ||
| Nortel Business Communications Manager | =50 | |
| Nortel Business Communications Manager | =50a | |
| Nortel Business Communications Manager | =50e | |
| Nortel Business Communications Manager | =200 | |
| Nortel Business Communications Manager | =400 | |
| Nortel Business Communications Manager | =1000 | |
| Nortel Business Communications Manager | =srg50 | |
| Nortel Business Communications Manager | =srg200 | |
| Nortel Centrex Ip Client Manager | ||
| Nortel Centrex Ip Element Manager | ||
| Nortel Meridian Option 11c | ||
| Nortel Meridian Option 51c | ||
| Nortel Meridian Option 61c | ||
| Nortel Meridian Option 81c | ||
| Nortel Meridian Sl100 | =cs2100 | |
| Nortel Mobile Voice Client 2050 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1.0.txt
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654714
- http://www.securityfocus.com/bid/26120
- http://secunia.com/advisories/27234
- http://securityreason.com/securityalert/3272
- http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022870-01.pdf
- http://osvdb.org/41769
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37255
- http://www.securityfocus.com/archive/1/482478/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/remedy
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nortel
- canonical/nortel multimedia communication server 5100
- canonical/nortel multimedia communication server 5200
- canonical/nortel communications server
- version/nortel communications server/1000e
- version/nortel communications server/1000m
- version/nortel communications server/1000s
- version/nortel communications server/2100
- canonical/nortel ip audio conference phone 2033
- canonical/nortel ip phone 1110
- canonical/nortel ip phone 1120e
- canonical/nortel ip phone 1140e
- canonical/nortel ip phone 1150e
- canonical/nortel ip phone 2001
- canonical/nortel ip phone 2002
- canonical/nortel ip phone 2004
- canonical/nortel ip phone 2007
- canonical/nortel wlan handset 2210
- canonical/nortel wlan handset 2211
- canonical/nortel wlan handset 2212
- canonical/nortel wlan handset 6120
- canonical/nortel wlan handset 6140
- canonical/nortel business communications manager
- version/nortel business communications manager/50
- version/nortel business communications manager/50a
- version/nortel business communications manager/50e
- version/nortel business communications manager/200
- version/nortel business communications manager/400
- version/nortel business communications manager/1000
- version/nortel business communications manager/srg50
- version/nortel business communications manager/srg200
- canonical/nortel centrex ip client manager
- canonical/nortel centrex ip element manager
- canonical/nortel meridian option 11c
- canonical/nortel meridian option 51c
- canonical/nortel meridian option 61c
- canonical/nortel meridian option 81c
- canonical/nortel meridian sl100
- version/nortel meridian sl100/cs2100
- canonical/nortel mobile voice client 2050