CVE-2007-2332

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store.
Configurations

Configuration 1 (hide)

OR cpe:2.3:h:nortel:vpn_router_1010:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:vpn_router_1050:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:vpn_router_1100:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:vpn_router_1700:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:vpn_router_1740:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:vpn_router_1750:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:vpn_router_2700:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:30

Type Values Removed Values Added
References () http://secunia.com/advisories/24962 - Vendor Advisory () http://secunia.com/advisories/24962 - Vendor Advisory
References () http://www.securityfocus.com/bid/23562 - () http://www.securityfocus.com/bid/23562 -
References () http://www.vupen.com/english/advisories/2007/1464 - () http://www.vupen.com/english/advisories/2007/1464 -
References () http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null - () http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null -

Information

Published : 2007-04-27 16:19

Updated : 2024-11-21 00:30


NVD link : CVE-2007-2332

Mitre link : CVE-2007-2332

CVE.ORG link : CVE-2007-2332


JSON object : View

Products Affected

nortel

  • vpn_router_1700
  • vpn_router_1750
  • vpn_router_1050
  • vpn_router_1010
  • vpn_router_1100
  • vpn_router_1740
  • vpn_router_5000
  • vpn_router_2700