Vulnerability Description
Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call placement, which allows remote attackers to spoof and redirect VoIP calls, possibly related to the snoop command.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nortel | Multimedia Communication Server 5100 | 3.0.13 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/32203Vendor Advisory
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=775223
- http://voipshield.com/research-details.php?id=119
- http://www.securityfocus.com/bid/31640
- http://www.vupen.com/english/advisories/2008/2779
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45752
- http://secunia.com/advisories/32203Vendor Advisory
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=775223
- http://voipshield.com/research-details.php?id=119
- http://www.securityfocus.com/bid/31640
- http://www.vupen.com/english/advisories/2008/2779
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45752
FAQ
What is CVE-2008-5871?
CVE-2008-5871 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call placement, which allows remote attackers to spoof and redirect VoIP calls, possibly related to the snoo...
How severe is CVE-2008-5871?
CVE-2008-5871 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5871?
Check the references section above for vendor advisories and patch information. Affected products include: Nortel Multimedia Communication Server 5100.