CVE-2007-5639

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel IP Phone, Mobile Voice Client, and WLAN Handsets products allow remote attackers to cause a denial of service (device hang) via a flood of Mute and UnMute messages that have a spoofed source IP address for the Signaling Server.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:h:nortel:ip_audio_conference_phone_2033:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:ip_phone_1110:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:ip_phone_1120e:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:ip_phone_1140e:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:ip_phone_1150e:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:ip_phone_2001:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:ip_phone_2002:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:ip_phone_2004:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:wlan_handset_2210:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:wlan_handset_2211:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:wlan_handset_2212:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:wlan_handset_6120:*:*:*:*:*:*:*:*
cpe:2.3:h:nortel:wlan_handset_6140:*:*:*:*:*:*:*:*
OR cpe:2.3:a:nortel:ip_softphone_2050:*:*:*:*:*:*:*:*
cpe:2.3:a:nortel:mobile_voice_client_2050:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:38

Type Values Removed Values Added
References () http://securityreason.com/securityalert/3273 - () http://securityreason.com/securityalert/3273 -
References () http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654715 - Patch () http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654715 - Patch
References () http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_flooding_denial_of_service_v1.0.txt - Exploit () http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_flooding_denial_of_service_v1.0.txt - Exploit
References () http://www.securityfocus.com/archive/1/482480/100/0/threaded - () http://www.securityfocus.com/archive/1/482480/100/0/threaded -
References () http://www.securityfocus.com/bid/26122 - Patch () http://www.securityfocus.com/bid/26122 - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/37253 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/37253 -

Information

Published : 2007-10-23 17:46

Updated : 2024-11-21 00:38


NVD link : CVE-2007-5639

Mitre link : CVE-2007-5639

CVE.ORG link : CVE-2007-5639


JSON object : View

Products Affected

nortel

  • ip_phone_1120e
  • ip_audio_conference_phone_2033
  • ip_phone_1110
  • ip_phone_2002
  • wlan_handset_6140
  • wlan_handset_6120
  • mobile_voice_client_2050
  • ip_phone_1140e
  • ip_phone_1150e
  • ip_softphone_2050
  • ip_phone_2001
  • wlan_handset_2211
  • wlan_handset_2210
  • ip_phone_2004
  • wlan_handset_2212