CVE-2008-6564

Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attacks.

Affected Software

References

• http://osvdb.org/44379
• http://secunia.com/advisories/29747
• http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=713455
• http://www.securityfocus.com/bid/28691
• http://www.securitytracker.com/id?1019847
• http://www.voipshield.com/research-details.php?id=27\u0026s=4\u0026threats_details=\u0026threats_category=0\u0026threats_vendor=0\u0026limit=20\u0026sort=discovered\u0026sortby=DESC
• https://exchange.xforce.ibmcloud.com/vulnerabilities/41801
• http://osvdb.org/44379
• http://secunia.com/advisories/29747
• http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=713455
• http://www.securityfocus.com/bid/28691
• http://www.securitytracker.com/id?1019847
• http://www.voipshield.com/research-details.php?id=27\u0026s=4\u0026threats_details=\u0026threats_category=0\u0026threats_vendor=0\u0026limit=20\u0026sort=discovered\u0026sortby=DESC
• https://exchange.xforce.ibmcloud.com/vulnerabilities/41801