<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0">
<channel>
<title>Nortel Security Advisory Bulletins</title>
<link>http://support.nortel.com/go/main.jsp?cscat=SECUREADVISORY</link>
<description>Nortel Security Advisory Bulletins</description>
<language>en-us</language>
<copyright>Nortel - 2006</copyright>
<pubDate>Mon, 01 Dec 2008 22:30:01 GMT</pubDate>
<lastBuildDate>Mon, 01 Dec 2008 22:30:01 GMT</lastBuildDate>
<image>
  <url>http://www.nortel.com/images/template2005/footer/footer_globemark_grey.gif</url>
  <title>Nortel Technical Support</title>
  <link>http://support.nortel.com</link>
</image>
<item>
<title>Nortel Communication Server 1000 Telephony Manager Support of Microsoft Hotfixes</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=795670&amp;poid=</link>
<description>Microsoft Security Updates are updates for the Microsoft Windows operating system and/or other Microsoft applications. This document lists the Security Updates tested with and supported by Nortel CS 1000 Telephony Manager. Please note that Nortel does not distribute or install any Microsoft Security Updates as part of the Telephony Manager (formerly known as Optivity Telephony Manager) product.  The affected software releases are: - Nortel Communication Server 1000 Telephony Manager (TM) 3.2 - Nortel Communication Server 1000 Telephony Manager (TM) 3.1 (with Service Updates 1, 2, 3, and 4) - Nortel Communication Server 1000 Telephony Manager (TM) 3.0 (with Service Updates 1, 2, 3, 4, and 5) - Optivity Telephony Manager 2.20.78 (with Service Updates 3, 4, and 5)  Nortel will endeavor to review the applicability of all released Critical Microsoft Security Updates to all current and sustained Telephony Manager releases within two business days immediately after Microsoft has made the public notification. Subsequently, the results of the review are published as a bulletin for that particular Security Update on the Nortel Technical Support website. Applicability of non-critical security updates (Important, Moderate and Low) is published only if they are deemed to have compatibility issues with Telephony Manager.   Nortel will update Appendix A of this document with the review &amp; recommendations and make the document available on the Nortel Technical Support Web site on a recurring basis. It is the customer's responsibility to obtain and install all applicable Microsoft Security Updates as recommended and described in this document.  For more information please contact your next level of support or visit http://www.nortel.com/contact for support numbers within your region.
Nortel security advisories: http://nortel.com/securityadvisories  Nortel Partner Information Center (PIC) website: http://www.nortel.com/pic   Before taking any action please ensure </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=795670&amp;poid=</guid>
<pubDate>Tue, 18 Nov 2008 22:37:02 GMT</pubDate>
</item>
<item>
<title>Nortel Response to HP Openview Network Node Manager Potential Vulnerabilities</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=794474&amp;poid=</link>
<description> HP Support has recently provided a fix for an OpenView Network Node Manager Directory Traversal issue and Multiple Denial Of Service Vulnerabilities. Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected.  Without the fix, HP OpenView Network Node Manager is prone to multiple vulnerabilities affecting the 'ovalarmsrv.exe' and 'ovtopmd.exe' processes. These issues include a directory-traversal issue and multiple denial-of-service issues. Attackers can exploit these issues to access potentially sensitive data on the affected computer or to deny service to legitimate users. HP OpenView Network Node Manager 7.53 is vulnerable; other versions may also be affected.  This bulletin addresses the following CVE:  1) CVE-2008-0068 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0068) Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.51, 7.53, and earlier allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter.  Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=794474&amp;poid=</guid>
<pubDate>Fri, 14 Nov 2008 20:34:16 GMT</pubDate>
</item>
<item>
<title>Nortel Response to Microsoft Security Bulletin MS08-060</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=777492&amp;poid=</link>
<description>On October 14th, 2008, Microsoft released a security update MS08-060 - Vulnerability in Active Directory Could Allow Remote Code Execution (957280). Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected.   MS08-060 addresses the following vulnerability:  Active Directory Overflow Vulnerability - CVE-2008-4023 (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4023) A remote code execution vulnerability exists in implementations of Active Directory on Microsoft Windows 2000 Server. The vulnerability is due to incorrect memory allocation when receiving specially crafted LDAP or LDAPS requests. An attacker who successfully exploited this vulnerability could take complete control of an affected system.  Please refer to the MS08-060 link in the Source section for additional information on workarounds and mitigating factors.   Impact of Vulnerability: Remote Code Execution  Maximum Severity Rating: Critical  Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories  For more information: Please contact your next level of support or visit http://www.nortel.com/contact for support numbers within your region. Nortel security advisories: http://nortel.com/securityadvisories Nortel Partner Information Center (PIC) website: http://www.nortelnetworks.com/pic</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=777492&amp;poid=</guid>
<pubDate>Fri, 17 Oct 2008 19:42:56 GMT</pubDate>
</item>
<item>
<title>Nortel Response to Microsoft Security Bulletin MS08-058</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=779682&amp;poid=</link>
<description>On October 14th, 2008, Microsoft released a security update MS08-058 - Cumulative Security Update for Internet Explorer (956390). Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected. MS08-058 addresses the following vulnerabilities:  1. CVE-2008-2947 - Window Location Property Cross-Domain Vulnerability (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2947) A remote code execution or information disclosure vulnerability exists in Internet Explorer that could allow an attacker to gain access to a browser window in another domain or Internet Explorer zone. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow remote code execution or information disclosure, depending on the operating system, if a user viewed the Web page.  2. CVE-2008-3472 - HTML Element Cross-Domain Vulnerability (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3472) A remote code execution or information disclosure vulnerability exists in Internet Explorer that could allow script to gain access to a browser window in another domain or Internet Explorer zone. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow remote code execution or information disclosure, depending on the operating system, if a user viewed the Web page.  3. CVE-2008-3473 - Event Handling Cross-Domain Vulnerability (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3473) A remote code execution or information disclosure vulnerability exists in Internet Explorer that could allow script to gain access to a browser window in another domain or Internet Explorer zone. 
An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow remote code execution or information disclo</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=779682&amp;poid=</guid>
<pubDate>Fri, 17 Oct 2008 19:42:20 GMT</pubDate>
</item>
<item>
<title>Nortel Response to VoIPshield VSRNT-2008-011 - MCS 5100 IPCM UFTP Multiple DoS Vulnerabilities</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=774845&amp;poid=</link>
<description> This bulletin details Nortel's response to the potential vulnerability released by VoIPshield as VSRNT-2008-011 - MCS 5100 IPCM UFTP Multiple DoS Vulnerabilities  Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=774845&amp;poid=</guid>
<pubDate>Wed, 08 Oct 2008 13:01:04 GMT</pubDate>
</item>
<item>
<title>Nortel Response to VoIPshield VSRNT-2008-010 - Multimedia Communication Server 5100 Call Spoofing and Redirection</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=775223&amp;poid=</link>
<description> This bulletin details Nortel's response to the potential vulnerability released by VoIPshield as VSRNT-2008-010 - Multimedia Communication Server 5100 Call Spoofing and Redirection.  Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=775223&amp;poid=</guid>
<pubDate>Wed, 08 Oct 2008 13:00:33 GMT</pubDate>
</item>
<item>
<title>Nortel Response to Potential DoS Vulnerability in HP Openview Network Node Manager</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=772187&amp;poid=</link>
<description> HP Support has recently issued security bulletin c01537275 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS). Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected.  The vulnerabilities are caused due to unspecified errors in "ovalarmsrv", which can be exploited to cause a DoS. The vulnerabilities are reported in HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, and v7.53 running on HP-UX, Linux, Solaris, and Windows.  This bulletin addresses the following CVEs:  1) CVE-2008-3536 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3536) Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3537.  2) CVE-2008-3537 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3537) Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3536.  Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=772187&amp;poid=</guid>
<pubDate>Fri, 26 Sep 2008 16:56:45 GMT</pubDate>
</item>
<item>
<title>Nortel Response to Sun Alert 231524 - Security Vulnerability in Solaris 10 Perl 5.8</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=767139&amp;poid=</link>
<description> Sun Microsystems has recently issued Sun Alert 231524 - Security Vulnerability in Solaris 10 Perl 5.8.  Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected. Solaris 8 and Solaris 9 are not affected by these issues.  Sun Alert 231524 (http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1)  This bulletin addresses the following CVEs:  1. CVE-2007-5116 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116 Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=767139&amp;poid=</guid>
<pubDate>Mon, 15 Sep 2008 01:42:52 GMT</pubDate>
</item>
<item>
<title>Nortel Response to Microsoft Security Bulletin MS08-052</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=766399&amp;poid=</link>
<description>On September 9th, 2008, Microsoft released a security update MS08-052 - Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593). Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected.  MS08-052 addresses the following potential vulnerabilities:  1. GDI+ VML Buffer Overrun Vulnerability - CVE-2007-5348 (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5348) A remote code execution vulnerability exists in the way that GDI+ handles gradient sizes. The vulnerability could allow remote code execution if a user browses to a Web site that contains specially crafted content. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.  2. GDI+ EMF Memory Corruption Vulnerability - CVE-2008-3012 (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3012) A remote code execution vulnerability exists in the way that GDI+ handles memory allocation. The vulnerability could allow remote code execution if a user opens a specially crafted EMF image file or browses to a Web site that contains specially crafted content. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.  3. 
GDI+ GIF Parsing Vulnerability - CVE-2008-3013 (http://www.cv</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=766399&amp;poid=</guid>
<pubDate>Sat, 13 Sep 2008 00:02:33 GMT</pubDate>
</item>
<item>
<title>Nortel Response to Microsoft Security Bulletin MS08-054</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=766863&amp;poid=</link>
<description>On September 9th, 2008, Microsoft released a security update MS08-054 - Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154). Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected.  MS08-054 addresses the following potential vulnerabilities:   1. Windows Media Player Sampling Rate Vulnerability - CVE-2008-2253 (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2253)  A remote code execution vulnerability exists in Windows Media Player 11. An attacker could exploit the vulnerability by constructing a specially crafted audio file that could allow remote code execution when streamed from a Windows Media server using Windows Media Player 11. An attacker who successfully exploited this vulnerability could take complete control of an affected system.  Impact of Vulnerability: Remote Code Execution  Maximum Severity Rating: Critical  Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories  For more information: Please contact your next level of support or visit http://www.nortel.com/contact for support numbers within your region. Nortel security advisories: http://nortel.com/securityadvisories Nortel Partner Information Center (PIC) website: http://www.nortelnetworks.com/pic</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=766863&amp;poid=</guid>
<pubDate>Fri, 12 Sep 2008 23:58:12 GMT</pubDate>
</item>
<item>
<title>Nortel Response to Microsoft Security Bulletin MS08-045</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=759943&amp;poid=</link>
<description>On Aug 12, 2008, Microsoft released a security update MS08-045 - Cumulative Security Update for Internet Explorer (953838).   Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected.    This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All of the vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer.  Microsoft rates this security update as Critical for all supported releases of Internet Explorer.  This security update replaces MS08-031 for Internet Explorer.  This security update addresses the following Common Vulnerability Identifiers (CVEs):  1) CVE-2008-2254 (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2254) HTML Objects Memory Corruption Vulnerability A remote code execution vulnerability exists in Internet Explorer due to attempts to access uninitialized memory in certain situations. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.  2) CVE-2008-2255 (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2255) HTML Objects Memory Corruption Vulnerability A remote code execution vulnerability exists in Internet Explorer due to attempts to access uninitialized memory in certain situations. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
3) CVE-2008-2256 (http://ww</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=759943&amp;poid=</guid>
<pubDate>Fri, 22 Aug 2008 15:43:09 GMT</pubDate>
</item>
<item>
<title>Centrex IP Client Manager (CICM) response to Microsoft July security bulletin</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=745165&amp;poid=</link>
<description>Microsoft issued their monthly security bulletin on 08th July 2008  http://www.microsoft.com/technet/security/bulletin/ms08-Jul.mspx  It contains 4 new potential vulnerabilities, rated by Microsoft as follows:  Important: MS08-037, MS08-038, MS08-039, MS08-040.  After analysis by CICM GNPS we rate these potential vulnerabilities as:  Important: MS08-037. Not Applicable: MS08-038, MS08-039, MS08-040.  Based on the rating details available at http://www.microsoft.com/technet/security/bulletin/rating.mspx   This bulletin details the CICM response to the potential vulnerabilities.   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories     </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=745165&amp;poid=</guid>
<pubDate>Wed, 16 Jul 2008 12:38:43 GMT</pubDate>
</item>
<item>
<title>Nortel Response to Sun Alert 238305 - Multiple Security Vulnerabilities in Flash Player for Solaris 10</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=745016&amp;poid=</link>
<description> Sun Microsystems has recently issued Sun Alert 238305 - Multiple Security Vulnerabilities in Flash Player for Solaris 10.  Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected. Solaris 8 and Solaris 9 are not affected by these issues.  Sun Alert 238305 (http://sunsolve.sun.com/search/document.do?assetkey=1-66-238305-1)  This bulletin addresses the following 14 CVEs:  1. CVE-2007-6242 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6242 2. CVE-2007-4768 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4768 3. CVE-2007-5275 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5275 4. CVE-2007-6243 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6243 5. CVE-2007-6244 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6244 6. CVE-2007-6245 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6245 7. CVE-2007-4324 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4324 8. CVE-2007-6246 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6246 9. CVE-2007-5476 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5476 10. CVE-2007-6637 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6637 11. CVE-2007-6019 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6019 12. CVE-2007-0071 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0071 13. CVE-2008-1655 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1655 14. CVE-2008-1654 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1654  Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=745016&amp;poid=</guid>
<pubDate>Tue, 15 Jul 2008 18:35:42 GMT</pubDate>
</item>
<item>
<title>Nortel Response to Sun Alert 236884 - Solaris Print Service DoS or Execution of Arbitrary Code</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=744631&amp;poid=</link>
<description> Sun Microsystems has recently issued Sun Alert 236884 - Solaris Print Service DoS or Execution of Arbitrary Code.  Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected.  Sun Alert 236884 (http://sunsolve.sun.com/search/document.do?assetkey=1-66-236884-1)  This bulletin addresses the following potential vulnerability:  1. CVE-2008-2144 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2144) Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors.  Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=744631&amp;poid=</guid>
<pubDate>Tue, 15 Jul 2008 16:10:19 GMT</pubDate>
</item>
<item>
<title>Nortel Response to VSRNT-2008-009 - Nortel SIP Multimedia PC Client Unauthenticated Session Vulnerability</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=738795&amp;poid=</link>
<description>VSRNT-2008-009 SIP PC Client Unauthenticated Session Vulnerability: The Nortel SIP Multimedia PC Client may be vulnerable to receiving unsolicited messages spawning additional windows, such as would be used to propagate SPIT.   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=738795&amp;poid=</guid>
<pubDate>Wed, 25 Jun 2008 21:29:24 GMT</pubDate>
</item>
<item>
<title>Nortel Response to VSRNT-2008-007 - Nortel SIP Multimedia PC Client Unlimited Session Denial of Service</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=738961&amp;poid=</link>
<description>VSRNT-2008-007 Multimedia PC Client Unlimited Session DoS: The Nortel SIP Multimedia PC Client is vulnerable to a Denial of Service (DoS) attack based on resource exhaustion due to the lack of limits on the number of sessions which are allowed.   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=738961&amp;poid=</guid>
<pubDate>Wed, 25 Jun 2008 20:59:22 GMT</pubDate>
</item>
<item>
<title>Nortel Response to VSRNT-2008-006 - Nortel Communications Server 1000 Oversized Command Denial of Service</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=738892&amp;poid=</link>
<description>VSRNT-2008-006 CS1000 Oversized Command DoS: The Nortel Communications Server 1000 communications port may be susceptible to a Denial of Service (DoS) when sent specific oversized commands. The issue was identified on CS1000 Release 4.5, and applies to Release 5.0 and Release 5.5.  Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=738892&amp;poid=</guid>
<pubDate>Wed, 25 Jun 2008 20:42:58 GMT</pubDate>
</item>
<item>
<title>Centrex IP Client Manager (CICM) response to Microsoft June security bulletin</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=734247&amp;poid=</link>
<description>Microsoft issued their monthly security bulletin on 10th June 2008  http://www.microsoft.com/technet/security/bulletin/ms08-jun.mspx  It contains 7 new potential vulnerabilities, rated by Microsoft as follows:  Critical: MS08-030, MS08-031, MS08-033. Important: MS08-034, MS08-035, MS08-036. Moderate: MS08-032.  After analysis by CICM GNPS we rate these potential vulnerabilities as:  Important: MS08-031, MS08-033, MS08-034, MS08-035. Not Applicable: MS08-030, MS08-032, MS08-036.   Based on the rating details available at http://www.microsoft.com/technet/security/bulletin/rating.mspx   This bulletin details the CICM response to the potential vulnerabilities.   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories  </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=734247&amp;poid=</guid>
<pubDate>Fri, 13 Jun 2008 06:32:50 GMT</pubDate>
</item>
<item>
<title>Centrex IP Client Manager (CICM) response to Microsoft May security bulletin</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=726893&amp;poid=</link>
<description>Microsoft issued their monthly security bulletin on 13th May 2008  http://www.microsoft.com/technet/security/bulletin/ms08-May.mspx  It contains 4 new potential vulnerabilities, rated by Microsoft as follows:  Critical: MS08-026, MS08-027, MS08-028. Moderate: MS08-029.  After analysis by CICM GNPS we rate these potential vulnerabilities as:  Important: MS08-028. Not Applicable: MS08-026, MS08-027, MS08-029.   Based on the rating details available at http://www.microsoft.com/technet/security/bulletin/rating.mspx   This bulletin details the CICM response to the potential vulnerabilities.   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=726893&amp;poid=</guid>
<pubDate>Fri, 23 May 2008 10:34:51 GMT</pubDate>
</item>
<item>
<title>Multimedia PC Client - Potential Vulnerability Due to Buffer Overflow</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=719698&amp;poid=</link>
<description>Nortel has been made aware of a potential vulnerability that may cause the Multimedia PC Client to experience a Buffer Overflow - Flooding the Multimedia PC Client with extraneous messaging can result in the PC Client terminating with an error message. This may also occur when scanning the Multimedia PC Client with the Nessus (www.nessus.org) tool using the "Denial of Service" plug-in, and it is called "Generic flood".   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories  For more information: Please contact your next level of support or visit http://www.nortel.com/contact for support numbers within your region. Nortel security advisories: http://nortel.com/securityadvisories Nortel Partner Information Center (PIC) website: http://www.nortelnetworks.com/pic</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=719698&amp;poid=</guid>
<pubDate>Wed, 30 Apr 2008 15:48:20 GMT</pubDate>
</item>
<item>
<title>Centrex IP Client Manager (CICM) response to Microsoft April security bulletin</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=716807&amp;poid=</link>
<description> Microsoft issued their monthly security bulletin on 8th April 2008  http://www.microsoft.com/technet/security/bulletin/ms08-Apr.mspx  It contains 8 new potential vulnerabilities, rated by Microsoft as follows:  Critical: MS08-018, MS08-021, MS08-022, MS08-023, MS08-024. Important: MS08-019, MS08-020, MS08-025.  After analysis by CICM GNPS we rate these potential vulnerabilities as:  Important: MS08-020, MS08-021, MS08-022, MS08-023, MS08-024, MS08-025. Not Applicable: MS08-018, MS08-019.   Based on the rating details available at http://www.microsoft.com/technet/security/bulletin/rating.mspx   This bulletin details the CICM response to the potential vulnerabilities.   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=716807&amp;poid=</guid>
<pubDate>Mon, 21 Apr 2008 11:16:18 GMT</pubDate>
</item>
<item>
<title>Nortel response to VoIP potential security vulnerabilities in CS 1000</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=713455&amp;poid=</link>
<description>On April 1, 2008, VoIPshield announced 5 potential security vulnerabilities against Nortel products. This bulletin provides Nortel's response to the VoIPshield announcement.  To our knowledge, these potential attacks have not been launched against any of our customers. Nortel is working with VoIPshield to fully understand and reproduce these issues. As the issues are not fully understood at this time, information about Symptoms, Prevention, Mitigation, Risk, and Resolution is not yet finalized. This bulletin will be reissued as more information becomes available.  This bulletin addresses the following potential vulnerabilities:  1) CS1000 FTP Session Limit Exhaustion - VSRNT-2008-001 Nortel Severity: Medium Nortel Recommendation: This issue is currently under investigation and an updated or new bulletin will be issued when complete.  2) Nortel UNIStim IT Sequence Number Intercept - VSRNT-2008-002 Nortel Severity: High Nortel Recommendation: Install patch MPLR24368 and use SMC2450 to enable Signaling security. Nortel is continuing investigation to rule out the possibility of any additional vulnerability beyond what has already been addressed. An updated or new bulletin will be issued when this investigation is complete.  3) CS1000 Multiple Hardcoded Passwords - VSRNT-2008-003 Nortel Severity: Medium Nortel Recommendation: This issue is currently under investigation and an updated or new bulletin will be issued when complete.  4) Web Application Structure Disclosure - VSRNT-2008-004 Nortel Severity: Low Nortel Recommendation: This issue is currently under investigation and an updated or new bulletin will be issued when complete.  5) Multiple Command Injection Vulnerabilities - VSRNT-2008-005 Nortel Severity: High Nortel Recommendation: This issue is currently under investigation and an updated or new bulletin will be issued when complete.  
Other than the specific recommendations in this bulletin, Nortel does not recommend any further action by our customers in respon</description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=713455&amp;poid=</guid>
<pubDate>Thu, 10 Apr 2008 15:28:44 GMT</pubDate>
</item>
<item>
<title>Centrex IP Client Manager (CICM) response to Microsoft March security bulletin</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=702503&amp;poid=</link>
<description> Microsoft issued their monthly security bulletin on 11th March. http://www.microsoft.com/technet/security/bulletin/ms08-Mar.mspx  It contains 4 new potential vulnerabilities, rated by Microsoft as follows:  Critical: MS08-014, MS08-015, MS08-016, MS08-017.  After analysis by CICM GNPS we rate these potential vulnerabilities as:  Not Applicable: MS08-014, MS08-015, MS08-016, MS08-017.  Based on the rating details available at http://www.microsoft.com/technet/security/bulletin/rating.mspx   This bulletin details the CICM response to the potential vulnerabilities.   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories   </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=702503&amp;poid=</guid>
<pubDate>Tue, 25 Mar 2008 11:22:53 GMT</pubDate>
</item>
<item>
<title>Centrex IP Client Manager (CICM) response to Microsoft February security bulletin</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=702601&amp;poid=</link>
<description> Microsoft issued their monthly security bulletin on 12th February 2008  http://www.microsoft.com/technet/security/bulletin/ms08-Feb.mspx  It contains 11 new potential vulnerabilities, rated by Microsoft as follows:  Critical: MS08-007, MS08-008, MS08-009, MS08-010, MS08-012, MS08-013. Important: MS08-003, MS08-004, MS08-005, MS08-006, MS08-011.  After analysis by CICM GNPS we rate these potential vulnerabilities as:  Moderate: MS08-003, MS08-005, MS08-008, MS08-010. Not Applicable: MS08-007, MS08-009, MS08-012, MS08-013, MS08-004, MS08-006, MS08-011.  Based on the rating details available at http://www.microsoft.com/technet/security/bulletin/rating.mspx   This bulletin details the CICM response to the potential vulnerabilities.   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories  </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=702601&amp;poid=</guid>
<pubDate>Tue, 25 Mar 2008 11:22:32 GMT</pubDate>
</item>
<item>
<title>Centrex IP Client Manager (CICM) response to Microsoft January security bulletin</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=683011&amp;poid=</link>
<description> Microsoft issued their monthly security bulletin on 8th January 2008  http://www.microsoft.com/technet/security/bulletin/ms08-Jan.mspx  It contains 2 new potential vulnerabilities, rated by Microsoft as follows:  Critical: MS08-001. Important: MS08-002.  After analysis by CICM GNPS we rate these potential vulnerabilities as:  Moderate: MS08-001, MS08-002.  Based on the rating details available at http://www.microsoft.com/technet/security/bulletin/rating.mspx   This bulletin details the CICM response to the potential vulnerabilities.   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=683011&amp;poid=</guid>
<pubDate>Tue, 15 Jan 2008 09:20:27 GMT</pubDate>
</item>
<item>
<title>Centrex IP Client Manager (CICM) response to Microsoft December security bulletin</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=677913&amp;poid=</link>
<description> Microsoft issued their monthly security bulletin on 12th December 2007  http://www.microsoft.com/technet/security/bulletin/ms07-dec.mspx  It contains 7 new potential vulnerabilities, rated by Microsoft as follows:  Critical: MS07-064, MS07-068, MS07-069. Important: MS07-063, MS07-065, MS07-066, MS07-067.  After analysis by CICM GNPS we rate these potential vulnerabilities as:  Moderate: MS07-064, MS07-069. Not applicable: MS07-063, MS07-065, MS07-066, MS07-067, MS07-068.  Based on the rating details available at http://www.microsoft.com/technet/security/bulletin/rating.mspx   This bulletin details the CICM response to the potential vulnerabilities.   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories  </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=677913&amp;poid=</guid>
<pubDate>Fri, 14 Dec 2007 16:23:55 GMT</pubDate>
</item>
<item>
<title>Centrex IP Client Manager (CICM) response to Microsoft November security bulletin</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=670615&amp;poid=</link>
<description> Microsoft issued their monthly security bulletin on 13th November 2007  http://www.microsoft.com/technet/security/bulletin/ms07-nov.mspx  It contains 2 new potential vulnerabilities, rated by Microsoft as follows:  Critical: MS07-061. Important: MS07-062.  After analysis by CICM GNPS we rate these potential vulnerabilities as:  Moderate: MS07-061. Not applicable: MS07-062.  Based on the rating details available at http://www.microsoft.com/technet/security/bulletin/rating.mspx   This bulletin details the CICM response to the potential vulnerabilities.   Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories  </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=670615&amp;poid=</guid>
<pubDate>Thu, 22 Nov 2007 09:16:14 GMT</pubDate>
</item>
<item>
<title>Potential DoS Vulnerability - IP Phone Freeze to Offline State</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=654715&amp;poid=</link>
<description>Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories  Nortel has been made aware of a potential IP Phone DoS vulnerability: a malicious user who can send spoofed packets to a phone is able to freeze it. This applies to the IP Phone irrespective of the Call Server to which it is connected.  For more information: Please contact your next level of support or visit http://www.nortel.com/contact for support numbers within your region. Nortel security advisories: http://nortel.com/securityadvisories Nortel Partner Information Center (PIC) website: http://www.nortelnetworks.com/pic </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=654715&amp;poid=</guid>
<pubDate>Wed, 17 Oct 2007 14:28:15 GMT</pubDate>
</item>
<item>
<title>DoS Potential Vulnerability - UNIStim IP Phone Forced to Re-register</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=654641&amp;poid=</link>
<description>Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories  Nortel has been made aware of a UNIStim IP Phone DoS potential vulnerability - It is possible for a malicious user to send spoofed signaling messages, forcing an IP phone to re-register. Compass has noted this as an IP Phone forced re-authentication.   For more information: Please contact your next level of support or visit http://www.nortel.com/contact for support numbers within your region. Nortel security advisories: http://nortel.com/securityadvisories Nortel Partner Information Center (PIC) website: http://www.nortelnetworks.com/pic </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=654641&amp;poid=</guid>
<pubDate>Wed, 17 Oct 2007 14:27:59 GMT</pubDate>
</item>
<item>
<title>Potential Communication Server 1000 (CS1K) DoS Vulnerability</title>
<link>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=655204&amp;poid=</link>
<description>Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories  Nortel has been made aware of a CS1000 DoS potential vulnerability - A malicious user who can send packets to specific ports on the E-LAN on the Telephony Server is able to disable the telephony application.  For more information: Please contact your next level of support or visit http://www.nortel.com/contact for support numbers within your region. Nortel security advisories: http://nortel.com/securityadvisories Nortel Partner Information Center (PIC) website: http://www.nortelnetworks.com/pic </description>
<guid>http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&amp;DocumentOID=655204&amp;poid=</guid>
<pubDate>Wed, 17 Oct 2007 14:27:45 GMT</pubDate>
</item>
</channel>
</rss>
