Vulnerability Description
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), Mobile Voice Client, and other product lines, allow remote attackers to block calls and force re-registration via a resume message to the Signaling Server that has a spoofed source IP address for the phone. NOTE: the attack is more disruptive if a new spoofed resume message is sent after each re-registration.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nortel | Multimedia Communication Server 5100 | All versions |
| Nortel | Multimedia Communication Server 5200 | All versions |
| Nortel | Communications Server | 1000e |
| Nortel | Ip Audio Conference Phone 2033 | All versions |
| Nortel | Ip Phone 1110 | All versions |
| Nortel | Ip Phone 1120E | All versions |
| Nortel | Ip Phone 1140E | All versions |
| Nortel | Ip Phone 1150E | All versions |
| Nortel | Ip Phone 2001 | All versions |
| Nortel | Ip Phone 2002 | All versions |
| Nortel | Ip Phone 2004 | All versions |
| Nortel | Ip Phone 2007 | All versions |
| Nortel | Wlan Handset 2210 | All versions |
| Nortel | Wlan Handset 2211 | All versions |
| Nortel | Wlan Handset 2212 | All versions |
| Nortel | Wlan Handset 6120 | All versions |
| Nortel | Wlan Handset 6140 | All versions |
| Nortel | Business Communications Manager | 50 |
| Nortel | Centrex Ip Client Manager | All versions |
| Nortel | Centrex Ip Element Manager | All versions |
References
- http://osvdb.org/41772
- http://secunia.com/advisories/27234Vendor Advisory
- http://securityreason.com/securityalert/3274
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654641Patch
- http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_forced_re-authenticationExploit
- http://www.securityfocus.com/archive/1/482481/100/0/threaded
- http://www.securityfocus.com/bid/26124
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37254
- http://osvdb.org/41772
- http://secunia.com/advisories/27234Vendor Advisory
- http://securityreason.com/securityalert/3274
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654641Patch
- http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_forced_re-authenticationExploit
- http://www.securityfocus.com/archive/1/482481/100/0/threaded
- http://www.securityfocus.com/bid/26124
FAQ
What is CVE-2007-5640?
CVE-2007-5640 is a vulnerability with a CVSS score of 7.1 (HIGH). The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), Mobile Voice Client, and other product lines, allow remot...
How severe is CVE-2007-5640?
CVE-2007-5640 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5640?
Check the references section above for vendor advisories and patch information. Affected products include: Nortel Multimedia Communication Server 5100, Nortel Multimedia Communication Server 5200, Nortel Communications Server, Nortel Ip Audio Conference Phone 2033, Nortel Ip Phone 1110.