Secunia Security Advisory - A vulnerability has been reported in Nortel Communication Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
f6ce66ffdc2673f094448f3d8b46daf0177843061548d3bac094679d36545342
----------------------------------------------------------------------
Want a new job?
http://secunia.com/secunia_security_specialist/
http://secunia.com/hardcore_disassembler_and_reverse_engineer/
International Partner Manager - Project Sales in the IT-Security
Industry:
http://corporate.secunia.com/about_secunia/64/
----------------------------------------------------------------------
TITLE:
Nortel Communication Server Command Processing Denial of Service
SECUNIA ADVISORY ID:
SA30844
VERIFY ADVISORY:
http://secunia.com/advisories/30844/
CRITICAL:
Not critical
IMPACT:
DoS
WHERE:
>From local network
OPERATING SYSTEM:
Nortel Communication Server 1000
http://secunia.com/product/2823/
DESCRIPTION:
A vulnerability has been reported in Nortel Communication Server,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
The vulnerability is caused due to an error in the Signaling Server
when processing certain commands sent via the ELAN (Embedded LAN).
This can be exploited to cause a DoS via a specially crafted, overly
large command.
The vulnerability is reported in version 4.5, 5.0, and 5.5.
SOLUTION:
The vendor is reportedly working on a fix.
Restrict network access to the affected device.
PROVIDED AND/OR DISCOVERED BY:
VoIPshield
ORIGINAL ADVISORY:
Nortel:
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=738892
VoIPshield:
http://www.voipshield.com/research-details.php?id=59
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------