Vulnerability Description
Multiple unspecified vulnerabilities in the UNIStim File Transfer Protocol (UFTP) processing in IP Client Manager (IPCM) in Nortel Multimedia Communication Server (MSC) 5100 3.0.13 allow remote attackers to cause a denial of service (device outage) via a UFTP message that has a negative block size or other crafted Connection Details values.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nortel | Multimedia Communication Server 5100 | 3.0.13 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/32203Vendor Advisory
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=774845Vendor Advisory
- http://voipshield.com/research-details.php?id=120
- http://www.securityfocus.com/bid/31633
- http://www.vupen.com/english/advisories/2008/2779
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45751
- http://secunia.com/advisories/32203Vendor Advisory
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=774845Vendor Advisory
- http://voipshield.com/research-details.php?id=120
- http://www.securityfocus.com/bid/31633
- http://www.vupen.com/english/advisories/2008/2779
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45751
FAQ
What is CVE-2008-5872?
CVE-2008-5872 is a vulnerability with a CVSS score of 7.8 (HIGH). Multiple unspecified vulnerabilities in the UNIStim File Transfer Protocol (UFTP) processing in IP Client Manager (IPCM) in Nortel Multimedia Communication Server (MSC) 5100 3.0.13 allow remote attack...
How severe is CVE-2008-5872?
CVE-2008-5872 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5872?
Check the references section above for vendor advisories and patch information. Affected products include: Nortel Multimedia Communication Server 5100.