First published: Tue Oct 23 2007(Updated: )
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines, use only 65536 different values in the 32-bit ID number field of an RUDP datagram, which makes it easier for remote attackers to guess the RUDP ID and spoof messages. NOTE: this can be leveraged for an eavesdropping attack by sending many Open Audio Stream messages.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Nortel Multimedia Communication Server 5100 | ||
Nortel Multimedia Communication Server 5200 | ||
Nortel Communications Server | =1000e | |
Nortel Communications Server | =1000m | |
Nortel Communications Server | =1000s | |
Nortel Communications Server | =2100 | |
Nortel Ip Audio Conference Phone 2033 | ||
Nortel Ip Phone 1110 | ||
Nortel Ip Phone 1120e | ||
Nortel Ip Phone 1140e | ||
Nortel Ip Phone 1150e | ||
Nortel Ip Phone 2001 | ||
Nortel Ip Phone 2002 | ||
Nortel Ip Phone 2004 | ||
Nortel Ip Phone 2007 | ||
Nortel Wlan Handset 2210 | ||
Nortel Wlan Handset 2211 | ||
Nortel Wlan Handset 2212 | ||
Nortel Wlan Handset 6120 | ||
Nortel Wlan Handset 6140 | ||
Nortel Business Communications Manager | =50 | |
Nortel Business Communications Manager | =50a | |
Nortel Business Communications Manager | =50e | |
Nortel Business Communications Manager | =200 | |
Nortel Business Communications Manager | =400 | |
Nortel Business Communications Manager | =1000 | |
Nortel Business Communications Manager | =srg50 | |
Nortel Business Communications Manager | =srg200 | |
Nortel Centrex Ip Client Manager | ||
Nortel Centrex Ip Element Manager | ||
Nortel Meridian Option 11c | ||
Nortel Meridian Option 51c | ||
Nortel Meridian Option 61c | ||
Nortel Meridian Option 81c | ||
Nortel Meridian Sl100 | =cs2100 | |
Nortel Mobile Voice Client 2050 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.