CVE-2007-5638

Nortel Business Communications Manager - Exposure of Sensitive Information via RUDP ID Predictability

Title source: llm
STIX 2.1

Description

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines, use only 65536 different values in the 32-bit ID number field of an RUDP datagram, which makes it easier for remote attackers to guess the RUDP ID and spoof messages. NOTE: this can be leveraged for an eavesdropping attack by sending many Open Audio Stream messages.

References (8)

Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/37255
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27234
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/41770
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/42881
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3272
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/482478/100/0/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26120

Scores

EPSS 0.0147
EPSS Percentile 70.7%

Details

CWE
CWE-200 CWE-310
Status published
Products (16)
nortel/business_communications_manager 50
nortel/business_communications_manager 50a
nortel/business_communications_manager 50e
nortel/business_communications_manager 200
nortel/business_communications_manager 400
nortel/business_communications_manager 1000
nortel/business_communications_manager srg50
nortel/business_communications_manager srg200
nortel/centrex_ip_client_manager
nortel/centrex_ip_element_manager
... and 6 more
Published Oct 23, 2007
Tracked Since Feb 18, 2026