Lucene search

[email protected]CVE-2007-5591

HistoryOct 19, 2007 - 11:17 p.m.

CVE-2007-5591

2007-10-1923:17:00

[email protected]

web.nvd.nist.gov

nortel

voip

servers

vulnerability

denial of service

nvd

cs1000

signaling server

elan ports

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.6 Medium

AI Score

Confidence

High

0.048 Low

EPSS

Percentile

92.8%

JSON

The CS1000 signaling server in Nortel Enterprise VoIP-Core-CS 1000M Chassis/Cabinet, Enterprise VoIP-Core-CS 1000E and 1000S, Meridian-Core-Option 11C Chassis and Cabinet, and Meridian-Core-Option 51C, 61C, and 81C allows remote attackers to cause a denial of service (telephony application outage) via a flood of packets to Embedded LAN (ELAN) ports.

Affected configurations

NVD

Node

nortelcommunications_serverMatch1000e

nortelcommunications_serverMatch1000m

nortelcommunications_serverMatch1000s

AND

nortelmeridian_option_11c

nortelmeridian_option_51c

nortelmeridian_option_61c

nortelmeridian_option_81c

nortelvoip-core-csMatch1000eenterprise

nortelvoip-core-csMatch1000menterprise

nortelvoip-core-csMatch1000senterprise

CPENameOperatorVersion
nortel:meridian_option_11cnortel meridian option 11ceq*
nortel:meridian_option_51cnortel meridian option 51ceq*
nortel:meridian_option_61cnortel meridian option 61ceq*
nortel:meridian_option_81cnortel meridian option 81ceq*
nortel:voip-core-csnortel voip-core-cseq1000e
nortel:voip-core-csnortel voip-core-cseq1000m
nortel:voip-core-csnortel voip-core-cseq1000s

CPE	Name	Operator	Version
nortel:meridian_option_11c	nortel meridian option 11c	eq	*
nortel:meridian_option_51c	nortel meridian option 51c	eq	*
nortel:meridian_option_61c	nortel meridian option 61c	eq	*
nortel:meridian_option_81c	nortel meridian option 81c	eq	*
nortel:voip-core-cs	nortel voip-core-cs	eq	1000e
nortel:voip-core-cs	nortel voip-core-cs	eq	1000m
nortel:voip-core-cs	nortel voip-core-cs	eq	1000s

References

osvdb.org/41799

secunia.com/advisories/27282

support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655204

www.csnc.ch/static/advisory/csnc/nortel_telephony_server_denial_of_service_v1.0.txt

www.securityfocus.com/archive/1/482484/100/0/threaded

www.securityfocus.com/bid/26113

www.vupen.com/english/advisories/2007/3536

www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022871-01.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/37252

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.6 Medium

AI Score

Confidence

High

0.048 Low

EPSS

Percentile

92.8%

JSON

Related for CVE-2007-5591

nvd1 cvelist1 prion1