CVE-2008-4999
Nortel UNIStim IP Phone - Remote Ping Denial of Service
Severity Score
7.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Nortel Networks UNIStim IP Phone 0604DAS allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). NOTE: this issue could not be reproduced by a third party, who tested it on 0604DAD. In addition, the original researcher was not able to reliably reproduce the issue.
El teléfono IP Nortel Networks UNIStim 0604DAS , permite a atacantes remotos provocar una denegación de servicio (caída) a través de un paquete ping largo ("Ping de la muerte"). Nota: Esta característica no ha podido ser reproducida por terceras partes, que lo chequearon en un 0604DAD. Como añadido, el desarrollador inicial no ha sido capaz de reproducir esta incidencia de forma fideligna.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-02-26 First Exploit
- 2008-11-07 CVE Reserved
- 2008-11-07 CVE Published
- 2024-08-07 CVE Updated
- 2024-11-13 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://securityreason.com/securityalert/4568 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/488782/100/100/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/488801/100/100/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/488803/100/100/threaded | Mailing List | |
| http://www.securityfocus.com/bid/28004 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/40993 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/31306 | 2008-02-26 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Nortel Search vendor "Nortel" | Unistim Ip Phone Search vendor "Nortel" for product "Unistim Ip Phone" | 0604das Search vendor "Nortel" for product "Unistim Ip Phone" and version "0604das" | - |
Affected
| ||||||