CVE-2008-5871

Published: Jan 8, 2009Modified: Apr 23, 2026

6.4

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:P

Exploitability: 10.0 / Impact: 4.9

Source: NVD

Description

Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call placement, which allows remote attackers to spoof and redirect VoIP calls, possibly related to the snoop command.

Affected (1)

Products: Nortel: Multimedia Communication Server 5100

Nortel

1 product

Multimedia Communication Server 5100

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Nortel Multimedia Communication Server 5100	Version 3.0.13

Related CWEs

CWE-255

References (12)

http://secunia.com/advisories/32203

Source: cve@mitre.org

Vendor Advisory

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=775223

Source: cve@mitre.org

http://voipshield.com/research-details.php?id=119

Source: cve@mitre.org

http://www.securityfocus.com/bid/31640

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/2779

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/45752

Source: cve@mitre.org

http://secunia.com/advisories/32203