lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20071018122603.24595.qmail@securityfocus.com>
Date: 18 Oct 2007 12:26:03 -0000
From: daniel.stirnimann@...c.ch
To: bugtraq@...urityfocus.com
Subject: Nortel UNIStim IP Softphone Buffer-Overflow

#############################################################
#
# COMPASS SECURITY ADVISORY http://www.csnc.ch/
#
#############################################################
#
# Product: IP Softphone
# Vendor:  Nortel
# Subject: UNIStim IP Softphone Buffer-Overflow
# Risk:    High
# Effect:  Currently not exploitable
# Author:  Cyrill Brunschwiler (cyrill.brunschwiler (at) csnc (dot) ch
# Date:    October, 18th 2007
#
#############################################################

Introduction:
-------------
Flooding an UNIStim IP Softphone on the RTCP Port with garbage immediately results in a Microsoft Windows error message which is mostly caused by
memory corruption (buffer overflow).
This vulnerability may be exploitable to gain user privileges on the client workstation and execute malicious commands or code.

Nortel has noted this as:
Title:  UNIStim IP Softphone - Potential Vulnerability Due to Buffer Overflow
Number: 2007008382
http://support.nortel.com/go/main.jsp?cscat=SECUREADVISORY

Vulnerable:
-----------
IP Softphone 2050

Vulnerability Management:
-------------------------
June 2007:    Vulnerability found
June 2007:    Nortel Security notified
October 2007: Nortel Advisory available
October 2007: Compass Security Information

Remediation:
------------
According to Nortel the vulnerability is still under investigation.
The Nortel advisory will be reissued if the investigation results in new prevention information.

Reference:
http://www.csnc.ch/static/advisory/secadvisorylist.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ