Vulnerability Description
Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attacks.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nortel | Communication Server 1000 | All versions |
| Nortel | Unistim Protocol | All versions |
References
- http://osvdb.org/44379
- http://secunia.com/advisories/29747
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455Vendor Advisory
- http://www.securityfocus.com/bid/28691
- http://www.securitytracker.com/id?1019847
- http://www.voipshield.com/research-details.php?id=27&s=4&threats_details=&threat
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41801
- http://osvdb.org/44379
- http://secunia.com/advisories/29747
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455Vendor Advisory
- http://www.securityfocus.com/bid/28691
- http://www.securitytracker.com/id?1019847
- http://www.voipshield.com/research-details.php?id=27&s=4&threats_details=&threat
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41801
FAQ
What is CVE-2008-6564?
CVE-2008-6564 is a vulnerability with a CVSS score of 7.6 (HIGH). Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attack...
How severe is CVE-2008-6564?
CVE-2008-6564 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6564?
Check the references section above for vendor advisories and patch information. Affected products include: Nortel Communication Server 1000, Nortel Unistim Protocol.