Command injection

2009-01-0818:30:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.4%

JSON

Nortel Multimedia Communication Server (MSC) 5100 3.0.13 does not verify credentials during call placement, which allows remote attackers to spoof and redirect VoIP calls, possibly related to the snoop command.

CPENameOperatorVersion
multimedia_communication_server_5100eq3.0.13

CPE	Name	Operator	Version
	multimedia_communication_server_5100	eq	3.0.13

References

secunia.com/advisories/32203

support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=775223

voipshield.com/research-details.php?id=119

www.securityfocus.com/bid/31640

www.vupen.com/english/advisories/2008/2779

exchange.xforce.ibmcloud.com/vulnerabilities/45752