Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attacks.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Communication_server_1000 | Nortel | * | * |
| Unistim_protocol | Nortel | * | * |
References
- http://osvdb.org/44379
- http://secunia.com/advisories/29747
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=713455
- http://www.securityfocus.com/bid/28691
- http://www.securitytracker.com/id?1019847
- http://www.voipshield.com/research-details.php?id=27\u0026s=4\u0026threats_details=\u0026threats_category=0\u0026threats_vendor=0\u0026limit=20\u0026sort=discovered\u0026sortby=DESC
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41801
- http://osvdb.org/44379
- http://secunia.com/advisories/29747
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=713455
- http://www.securityfocus.com/bid/28691
- http://www.securitytracker.com/id?1019847
- http://www.voipshield.com/research-details.php?id=27\u0026s=4\u0026threats_details=\u0026threats_category=0\u0026threats_vendor=0\u0026limit=20\u0026sort=discovered\u0026sortby=DESC
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41801