Nortel多個VoIP產品UNIStim消息竊聽漏洞

Nortel多個VoIP產品UNIStim消息竊聽漏洞

發佈時間:2007.10.26 04:58 來源:賽迪網-技術社區 作者:kill

發佈日期:2007-10-18

更新日期:2007-10-24


受影響系統:

Nortel Networks Meridian-Core-Option 81C

Nortel Networks Meridian-Core-Option 61C

Nortel Networks Meridian-Core-Option 51C

Nortel Networks Meridian-Core-Option 11C Mini

Nortel Networks IP Softphone 2050

Nortel Networks IP Phone 2007

Nortel Networks IP Phone 2004

Nortel Networks IP Phone 2002

Nortel Networks IP Phone 2001

Nortel Networks IP Phone 1150E

Nortel Networks IP Phone 1140E

Nortel Networks IP Phone 1120E

Nortel Networks IP Phone 1110

Nortel Networks IP Phone

Nortel Networks Mobile Voice Client 2050

Nortel Networks IP Audio Conference Phone 2033

Nortel Networks Communications Server 2100

Nortel Networks Communications Server 1000S

Nortel Networks Communications Server 1000M Cabinet/Chassis

Nortel Networks Communications Server 1000E

描述:

BUGTRAQ ID: 26120


Nortel IP Phone、IP Softphone等都是Nortel所發佈的IP電話設備。


Nortel IP Phone實現上存在漏洞,遠程攻擊者可能利用此漏洞實現遠程現場竊聽。


如果用戶發送了正確的UNIStim消息的話,就可能將IP電話置於監控模式。UNIStim消息ID必須匹配發送信號的伺服器與IP電話之間的ID,但協議僅對ID數使用了16位長度。如果惡意用戶發送了65536個窮盡了所有可能ID數的欺騙UNIStim消息的話,就可以打開音頻通道,使IP電話的話筒處於遠程監聽的狀態。

Nortel Networks:目前廠商已經發佈了升級補丁以修復這個安全問題,請到廠商的主頁下載:http://www.nortelnetworks.com/index.html


(責任編輯:高爽)

Comments

Popular posts from this blog

L2TPv3 Enables Layer 2 Services for IP Networks

TCP/IP 明確擁塞通知 (ECN)

Q-in-Q(Dot1Q Tunnel) Sample Configuration