1. CVE-Search
  2. CVE-2007-5640
ID CVE-2007-5640
Summary The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), Mobile Voice Client, and other product lines, allow remote attackers to block calls and force re-registration via a resume message to the Signaling Server that has a spoofed source IP address for the phone. NOTE: the attack is more disruptive if a new spoofed resume message is sent after each re-registration.
References
Vulnerable Configurations
  • cpe:2.3:a:nortel:multimedia_communication_server_5100:*:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:multimedia_communication_server_5100:*:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:multimedia_communication_server_5200:*:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:multimedia_communication_server_5200:*:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:communications_server:1000e:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:communications_server:1000e:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:communications_server:1000m:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:communications_server:1000m:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:communications_server:1000s:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:communications_server:1000s:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:communications_server:2100:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:communications_server:2100:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:ip_audio_conference_phone_2033:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:ip_audio_conference_phone_2033:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:ip_phone_1110:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:ip_phone_1110:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:ip_phone_1120e:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:ip_phone_1120e:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:ip_phone_1140e:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:ip_phone_1140e:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:ip_phone_1150e:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:ip_phone_1150e:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:ip_phone_2001:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:ip_phone_2001:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:ip_phone_2002:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:ip_phone_2002:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:ip_phone_2004:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:ip_phone_2004:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:ip_phone_2007:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:ip_phone_2007:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:wlan_handset_2210:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:wlan_handset_2210:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:wlan_handset_2211:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:wlan_handset_2211:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:wlan_handset_2212:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:wlan_handset_2212:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:wlan_handset_6120:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:wlan_handset_6120:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:wlan_handset_6140:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:wlan_handset_6140:*:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:business_communications_manager:50:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:business_communications_manager:50:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:business_communications_manager:50a:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:business_communications_manager:50a:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:business_communications_manager:50e:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:business_communications_manager:50e:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:business_communications_manager:200:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:business_communications_manager:200:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:business_communications_manager:400:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:business_communications_manager:400:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:business_communications_manager:1000:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:business_communications_manager:1000:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:business_communications_manager:srg50:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:business_communications_manager:srg50:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:business_communications_manager:srg200:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:business_communications_manager:srg200:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:centrex_ip_client_manager:*:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:centrex_ip_client_manager:*:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:centrex_ip_element_manager:*:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:centrex_ip_element_manager:*:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:meridian_option_11c:*:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:meridian_option_11c:*:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:meridian_option_51c:*:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:meridian_option_51c:*:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:meridian_option_61c:*:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:meridian_option_61c:*:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:meridian_option_81c:*:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:meridian_option_81c:*:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:meridian_sl100:cs2100:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:meridian_sl100:cs2100:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:mobile_voice_client_2050:*:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:mobile_voice_client_2050:*:*:*:*:*:*:*:*
CVSS
Base: 7.1 (as of 15-10-2018 - 21:45)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:C
refmap via4
bid 26124
bugtraq 20071018 Nortel IP Phone forced re-authentication
confirm http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654641
misc http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_forced_re-authentication_v1.0.txt
osvdb 41772
secunia 27234
sreason 3274
xf nortel-ipphone-register-dos(37254)
Last major update 15-10-2018 - 21:45
Published 23-10-2007 - 17:46
Last modified 15-10-2018 - 21:45
Back to Top