1. CVE-Search
  2. CVE-2008-6564
ID CVE-2008-6564
Summary Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attacks.
References
Vulnerable Configurations
  • cpe:2.3:a:nortel:communication_server_1000:*:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:communication_server_1000:*:*:*:*:*:*:*:*
  • cpe:2.3:h:nortel:unistim_protocol:*:*:*:*:*:*:*:*
    cpe:2.3:h:nortel:unistim_protocol:*:*:*:*:*:*:*:*
CVSS
Base: 7.6 (as of 17-08-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:H/Au:N/C:C/I:C/A:C
refmap via4
bid 28691
confirm http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455
misc http://www.voipshield.com/research-details.php?id=27&s=4&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC
osvdb 44379
sectrack 1019847
secunia 29747
xf nortel-unistim-dos(41801)
Last major update 17-08-2017 - 01:29
Published 31-03-2009 - 17:30
Last modified 17-08-2017 - 01:29
Back to Top