----------------------------------------------------------------------

Secunia Network Software Inspector 2.0 (NSI) - Public Beta

16 days left of beta period.

The 1st generation of the Secunia Network Software Inspector (NSI)
has been available for corporate users for almost 1 year and its been
a tremendous success.

The 2nd generation Secunia NSI is built on the same technology as the
award winning Secunia PSI, which has already been downloaded and
installed on more than 400,000 computers world wide.

Learn more / Download (instant access):
http://secunia.com/network_software_inspector_2/

----------------------------------------------------------------------

TITLE:
Nortel Networks Communication Server Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA29747

VERIFY ADVISORY:
http://secunia.com/advisories/29747/

CRITICAL:
Moderately critical

IMPACT:
Security Bypass, DoS, System access

WHERE:
>From local network

OPERATING SYSTEM:
Nortel Communication Server 1000
http://secunia.com/product/2823/

DESCRIPTION:
Some security issues and vulnerabilities have been reported in Nortel
Communication Server, which can be exploited by malicious people to
bypass certain security restrictions, disclose sensitive information,
cause a DoS (Denial of Service), or potentially compromise a
vulnerable system.

1) An error in the handling of UNIStim IT sequence numbers can be
exploited to spoof commands as a UNIStim client.

Successful exploitation requires that the correct sequence number is
guessed or brute forced.

2) Sixteen hardcoded accounts and passwords may allow e.g. write
access to an affected system.

3) Errors in the command exchange mechanism can be exploited to
inject arbitrary commands.

Successful exploitation of this vulnerability allows to disclose
certain information, gain access to an affected system, or to cause a
DoS.

NOTE: An FTP session exhaustion and a disclosure of web application
structures have also been reported. All issues are currently still
under investigation by the vendor.

The security issues and vulnerabilities are reported in Nortel
Communication Server 4.50.x. Other versions may also be affected.

SOLUTION:
The vendor recommends to install patch MPLR24368 and use SMC2450 to
enable signaling security, which fixes vulnerability #1, and to
restrict network access to affected systems (see vendor advisory for
more information).

PROVIDED AND/OR DISCOVERED BY:
VoIPshield

ORIGINAL ADVISORY:
Nortel:
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455
http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2008/14/023588-01.pdf

VoIPshield:
http://www.voipshield.com/component/option,com_fabrik/Itemid,203/task,viewTableRowDetails/fabrik,1/rowid,11/_cursor,5/_total,44/tableid,1/
http://www.voipshield.com/component/option,com_fabrik/Itemid,203/task,viewTableRowDetails/fabrik,1/rowid,27/_cursor,15/_total,44/tableid,1/
http://www.voipshield.com/component/option,com_fabrik/Itemid,203/task,viewTableRowDetails/fabrik,1/rowid,28/_cursor,16/_total,44/tableid,1/
http://www.voipshield.com/component/option,com_fabrik/Itemid,203/task,viewTableRowDetails/fabrik,1/rowid,29/_cursor,17/_total,44/tableid,1/
http://www.voipshield.com/component/option,com_fabrik/Itemid,203/task,viewTableRowDetails/fabrik,1/rowid,14/_cursor,3/_total,44/tableid,1/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------