CVE-2008-6564

Published: Mar 31, 2009Modified: Apr 23, 2026

7.6

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability: 4.9 / Impact: 10.0

Source: NVD

Description

Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attacks.

Affected (2)

Products: Nortel: Communication Server 1000, Unistim Protocol

Nortel

2 products

Communication Server 1000

Unistim Protocol

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Nortel Communication Server 1000	All versions
Nortel Unistim Protocol	All versions

References (14)

http://osvdb.org/44379

Source: cve@mitre.org

http://secunia.com/advisories/29747

Source: cve@mitre.org

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/28691

Source: cve@mitre.org

http://www.securitytracker.com/id?1019847

Source: cve@mitre.org

http://www.voipshield.com/research-details.php?id=27&s=4&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/41801

Source: cve@mitre.org

http://osvdb.org/44379