CVE-2007-5637

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables "surveillance mode." NOTE: issues relating to a small ID number space can be leveraged to make this attack easier.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1.0.txt
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654714	Patch
http://www.securityfocus.com/bid/26120	Exploit Patch
http://secunia.com/advisories/27234	Vendor Advisory
http://securityreason.com/securityalert/3272
http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022870-01.pdf
http://osvdb.org/41769
https://exchange.xforce.ibmcloud.com/vulnerabilities/37255
http://www.securityfocus.com/archive/1/482478/100/0/threaded

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:nortel:multimedia_communication_server_5200::::::::
	cpe:2.3:a:nortel:multimedia_communication_server_5100::::::::

OR	cpe:2.3:h:nortel:ip_phone_1140e::::::::
	cpe:2.3:h:nortel:ip_phone_1150e::::::::
	cpe:2.3:h:nortel:wlan_handset_2212::::::::
	cpe:2.3:h:nortel:wlan_handset_6120::::::::
	cpe:2.3:a:nortel:communications_server:1000s:::::::*
	cpe:2.3:a:nortel:communications_server:2100:::::::*
	cpe:2.3:h:nortel:ip_audio_conference_phone_2033::::::::
	cpe:2.3:h:nortel:ip_phone_2004::::::::
	cpe:2.3:h:nortel:ip_phone_2007::::::::
	cpe:2.3:h:nortel:ip_phone_1110::::::::
	cpe:2.3:h:nortel:ip_phone_1120e::::::::
	cpe:2.3:h:nortel:wlan_handset_6140::::::::
	cpe:2.3:h:nortel:wlan_handset_2211::::::::
	cpe:2.3:h:nortel:ip_phone_2002::::::::
	cpe:2.3:a:nortel:communications_server:1000m:::::::*
	cpe:2.3:h:nortel:wlan_handset_2210::::::::
	cpe:2.3:a:nortel:communications_server:1000e:::::::*
	cpe:2.3:h:nortel:ip_phone_2001::::::::

OR	cpe:2.3:a:nortel:business_communications_manager:50a:::::::*
	cpe:2.3:a:nortel:business_communications_manager:50e:::::::*
	cpe:2.3:a:nortel:meridian_option_81c::::::::
	cpe:2.3:a:nortel:meridian_sl100:cs2100:::::::*
	cpe:2.3:a:nortel:business_communications_manager:1000:::::::*
	cpe:2.3:a:nortel:business_communications_manager:200:::::::*
	cpe:2.3:a:nortel:centrex_ip_element_manager::::::::
	cpe:2.3:a:nortel:meridian_option_11c::::::::
	cpe:2.3:a:nortel:business_communications_manager:400:::::::*
	cpe:2.3:a:nortel:business_communications_manager:50:::::::*
	cpe:2.3:a:nortel:meridian_option_51c::::::::
	cpe:2.3:a:nortel:centrex_ip_client_manager::::::::
	cpe:2.3:a:nortel:business_communications_manager:srg200:::::::*
	cpe:2.3:a:nortel:meridian_option_61c::::::::
	cpe:2.3:a:nortel:mobile_voice_client_2050::::::::
	cpe:2.3:a:nortel:business_communications_manager:srg50:::::::*

Information

Published : 2007-10-23 10:46

Updated : 2018-10-15 14:45

NVD link : CVE-2007-5637

Mitre link : CVE-2007-5637

JSON object : View

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Products Affected

nortel

ip_phone_2001
multimedia_communication_server_5100
ip_phone_1140e
centrex_ip_element_manager
wlan_handset_2210
meridian_sl100
multimedia_communication_server_5200
wlan_handset_6120
ip_phone_1120e
meridian_option_51c
wlan_handset_2211
ip_audio_conference_phone_2033
meridian_option_11c
ip_phone_2004
meridian_option_81c
centrex_ip_client_manager
ip_phone_1150e
ip_phone_1110
ip_phone_2002
mobile_voice_client_2050
ip_phone_2007
business_communications_manager
wlan_handset_2212
communications_server
wlan_handset_6140
meridian_option_61c

4.3 /10