Vulnerabilities > CVE-2008-5871 - Credentials Management vulnerability in Nortel Multimedia Communication Server 5100 3.0.13

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

nortel

CWE-255

NVD

Published: 2009-01-08

Updated: 2024-11-21

Summary

Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call placement, which allows remote attackers to spoof and redirect VoIP calls, possibly related to the snoop command.

Vulnerable Configurations

Part	Description	Count
Application	Nortel Nortel Multimedia Communication Server 5100 3.0.13	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://secunia.com/advisories/32203
http://secunia.com/advisories/32203
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=775223
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=775223
http://voipshield.com/research-details.php?id=119
http://voipshield.com/research-details.php?id=119
http://www.securityfocus.com/bid/31640
http://www.securityfocus.com/bid/31640
http://www.vupen.com/english/advisories/2008/2779
http://www.vupen.com/english/advisories/2008/2779
https://exchange.xforce.ibmcloud.com/vulnerabilities/45752
https://exchange.xforce.ibmcloud.com/vulnerabilities/45752