#############################################################
#############################################################
#############################################################
A malicious user who can send a flood of packets to specific E-LAN ports on the Telephony Server is
able to crash the telephony application. The server needs to be rebooted to resume normal operation.
Nortel has noted this as:
Title: Potential CS1000 DoS Vulnerability
Number: 2007008384
http://support.nortel.com/go/main.jsp?cscat=SECUREADVISORY
Communication Server 1000
and others.
See associated products on the Nortel advisory.
June 2007: Vulnerability found
June 2007: Nortel Security notified
October 2007: Nortel Advisory available
October 2007: Compass Security Information
Follow the recommended actions for the affected systems, as identified in the Nortel Advisory.
Reference:
http://www.csnc.ch/static/advisory/secadvisorylist.html