Vulnerabilities (CVE)

Filtered by vendor Nortel Subscribe
Total 44 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-2332 1 Nortel 8 Vpn Router 1010, Vpn Router 1050, Vpn Router 1100 and 5 more 2024-02-28 9.0 HIGH N/A
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store.
CVE-2007-2333 1 Nortel 3 Contivity, Vpn Router 5000, Vpn Router Portfolio 2024-02-28 10.0 HIGH N/A
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network.
CVE-2007-1057 1 Nortel 4 Alteon 2424 Application Switch, Net Direct Client, Ssl Vpn Module 1000 and 1 more 2024-02-28 6.9 MEDIUM N/A
The Net Direct client for Linux before 6.0.5 in Nortel Application Switch 2424, VPN 3050 and 3070, and SSL VPN Module 1000 extracts and executes files with insecure permissions, which allows local users to exploit a race condition to replace a world-writable file in /tmp/NetClient and cause another user to execute arbitrary code when attempting to execute this client, as demonstrated by replacing /tmp/NetClient/client.
CVE-2007-1820 1 Nortel 2 Callpilot, Meridian Mail 2024-02-28 9.3 HIGH N/A
Nortel Networks CallPilot and Meridian Mail voicemail systems, when a mailbox has auto logon enabled, allow remote attackers to retrieve or remove messages, or reconfigure the mailbox, by spoofing Calling Number Identification (CNID, aka Caller ID).
CVE-2007-5638 1 Nortel 26 Business Communications Manager, Centrex Ip Client Manager, Centrex Ip Element Manager and 23 more 2024-02-28 4.3 MEDIUM N/A
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines, use only 65536 different values in the 32-bit ID number field of an RUDP datagram, which makes it easier for remote attackers to guess the RUDP ID and spoof messages. NOTE: this can be leveraged for an eavesdropping attack by sending many Open Audio Stream messages.
CVE-2005-0356 9 Alaxala, Cisco, F5 and 6 more 76 Alaxala Networks, Agent Desktop, Aironet Ap1200 and 73 more 2024-02-28 5.0 MEDIUM N/A
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
CVE-2005-0844 1 Nortel 1 Contivity 2024-02-28 4.6 MEDIUM N/A
Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information.
CVE-2004-2549 1 Nortel 3 Wlan Access Point 2220, Wlan Access Point 2221, Wlan Access Point 2225 2024-02-28 5.0 MEDIUM N/A
Nortel Wireless LAN (WLAN) Access Point (AP) 2220, 2221, and 2225 allow remote attackers to cause a denial of service (service crash) via a TCP request with a large string, followed by 8 newline characters, to (1) the Telnet service on TCP port 23 and (2) the HTTP service on TCP port 80, possibly due to a buffer overflow.
CVE-2005-1802 1 Nortel 9 Contivity, Vpn Router 1010, Vpn Router 1050 and 6 more 2024-02-28 5.0 MEDIUM N/A
Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header.
CVE-2004-2621 1 Nortel 1 Contivity 2024-02-28 4.0 MEDIUM N/A
Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack.
CVE-2004-1105 1 Nortel 1 Contivity 2024-02-28 5.0 MEDIUM N/A
Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information.
CVE-2005-4197 1 Nortel 1 Ssl Vpn 2024-02-28 7.5 HIGH N/A
tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to execute arbitrary commands via a link in the a parameter, which is executed with extra privileges in a cryptographically signed Java Applet.
CVE-2005-2579 1 Nortel 1 Contivity 2024-02-28 7.2 HIGH N/A
Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box.
CVE-2002-0540 1 Nortel 1 Cvx 1800 Multi-service Access Switch 2024-02-28 7.5 HIGH N/A
Nortel CVX 1800 is installed with a default "public" community string, which allows remote attackers to read usernames and passwords and modify the CVX configuration.
CVE-2003-1115 1 Nortel 1 Succession Communication Server 2000 2024-02-28 7.5 HIGH N/A
The Session Initiation Protocol (SIP) implementation in Nortel Networks Succession Communication Server 2000, when using SIP-T, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
CVE-2004-0839 3 Avaya, Microsoft, Nortel 18 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 15 more 2024-02-28 5.0 MEDIUM N/A
Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html".
CVE-2000-0221 1 Nortel 1 Nautica Marlin 2024-02-28 5.0 MEDIUM N/A
The Nautica Marlin bridge allows remote attackers to cause a denial of service via a zero length UDP packet to the SNMP port.
CVE-2000-0009 1 Nortel 1 Optivity Net Architect 2024-02-28 7.2 HIGH N/A
The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands.
CVE-2000-0063 1 Nortel 1 Contivity 2024-02-28 5.0 MEDIUM N/A
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script.
CVE-2004-0056 1 Nortel 3 802.11 Wireless Ip Gateway, Business Communications Manager, Succession Communication Server 1000 2024-02-28 7.5 HIGH N/A
Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.