A malicious user who can send a flood of packets to specific E-LAN ports on the Telephony Server is able to crash the telephony application. The server needs to be rebooted to resume normal operation.
Nortel has noted this as: Title: Potential CS1000 DoS Vulnerability Number: 2007008384 http://support.nortel.com/go/main.jsp?cscat=SECUREADVISORY
Communication Server 1000 and others.
See associated products on the Nortel advisory.
June 2007: Vulnerability found June 2007: Nortel Security notified October 2007: Nortel Advisory available October 2007: Compass Security Information
Follow the recommended actions for the affected systems, as identified in the Nortel Advisory.