Executive Summary

Informations
Name CVE-2007-5638 First vendor Publication 2007-10-23
Vendor Cve Last vendor Modification 2018-10-15

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines, use only 65536 different values in the 32-bit ID number field of an RUDP datagram, which makes it easier for remote attackers to guess the RUDP ID and spoof messages. NOTE: this can be leveraged for an eavesdropping attack by sending many Open Audio Stream messages.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5638

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-310 Cryptographic Issues
50 % CWE-200 Information Exposure

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 8
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1

Open Source Vulnerability Database (OSVDB)

Id Description
41770 Nortel Multiple Products RUDP Datagram Prediction Message Spoofing

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/26120
BUGTRAQ http://www.securityfocus.com/archive/1/482478/100/0/threaded
MISC http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1....
OSVDB http://osvdb.org/41770
SECUNIA http://secunia.com/advisories/27234
SREASON http://securityreason.com/securityalert/3272
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/37255
https://exchange.xforce.ibmcloud.com/vulnerabilities/42881

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
Date Informations
2020-05-23 00:20:40
  • Multiple Updates
2018-10-16 00:19:19
  • Multiple Updates
2017-07-29 12:02:38
  • Multiple Updates
2016-06-28 17:00:58
  • Multiple Updates
2016-04-26 16:44:45
  • Multiple Updates
2013-05-11 10:40:14
  • Multiple Updates