The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel IP Phone, Mobile Voice Client, and WLAN Handsets products allow remote attackers to cause a denial of service (device hang) via a flood of Mute and UnMute messages that have a spoofed source IP address for the Signaling Server.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ip_audio_conference_phone_2033 | Nortel | * | * |
| Ip_phone_1110 | Nortel | * | * |
| Ip_phone_1120e | Nortel | * | * |
| Ip_phone_1140e | Nortel | * | * |
| Ip_phone_1150e | Nortel | * | * |
| Ip_phone_2001 | Nortel | * | * |
| Ip_phone_2002 | Nortel | * | * |
| Ip_phone_2004 | Nortel | * | * |
| Wlan_handset_2210 | Nortel | * | * |
| Wlan_handset_2211 | Nortel | * | * |
| Wlan_handset_2212 | Nortel | * | * |
| Wlan_handset_6120 | Nortel | * | * |
| Wlan_handset_6140 | Nortel | * | * |
References
- http://securityreason.com/securityalert/3273
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=654715
- http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_flooding_denial_of_service_v1.0.txt
- http://www.securityfocus.com/archive/1/482480/100/0/threaded
- http://www.securityfocus.com/bid/26122
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37253
- http://securityreason.com/securityalert/3273
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=654715
- http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_flooding_denial_of_service_v1.0.txt
- http://www.securityfocus.com/archive/1/482480/100/0/threaded
- http://www.securityfocus.com/bid/26122
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37253