#############################################################
#
# COMPASS SECURITY ADVISORY http://www.csnc.ch/
#
#############################################################
#
# Product: Telephony Server
# Vendor:  Nortel
# Subject: Telephony Server Denial of Service
# Risk:    High
# Effect:  Currently exploitable
# Author:  Cyrill Brunschwiler (cyrill.brunschwiler (at) csnc (dot) ch)
# Date:    October, 18th 2007
#
#############################################################


Introduction:
-------------
A malicious user who can send a flood of packets to specific E-LAN ports on the
Telephony Server is able to crash the telephony application. The server needs
to be rebooted to resume normal operation.


Nortel has noted this as:
Title:  Potential CS1000 DoS Vulnerability
Number: 2007008384
http://support.nortel.com/go/main.jsp?cscat=SECUREADVISORY



Vulnerable:
-----------
Communication Server 1000
and others.

See associated products on the Nortel advisory.


Vulnerability Management:
-------------------------
June 2007:    Vulnerability found
June 2007:    Nortel Security notified
October 2007: Nortel Advisory available
October 2007: Compass Security Information


Remediation:
------------
Follow the recommended actions for the affected systems, as identified in the
Nortel Advisory.


Reference:

http://www.csnc.ch/static/advisory/secadvisorylist.html
