United States | English [Change]
Welcome, Guest

Nortel Response to Microsoft Security Bulletin MS08-007

Description: Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories On February 12, 2008, Microsoft released a security update MS08-007 - Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026). Some Nortel products contain this software as a component and thus are potentially affected by the vulnerability addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected. MS08-007 addresses the following potential vulnerability: 1) Mini-Redirector Heap Overflow Vulnerability - CVE-2008-0080 A remote code execution vulnerability exists in the way that the WebDAV Mini-Redirector handles responses. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts. Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical For more information: Please contact your next level of support or visit http://www.nortel.com/contact for support numbers within your region. Nortel security advisories: http://nortel.com/securityadvisories Nortel Partner Information Center (PIC) website: http://www.nortelnetworks.com/pic
Type: Security Advisories
Number: 2008008628, Rev 1
Status: Retired
Date: 2008-06-03


Bulletin Downloads
Title Extension File Size Language
    Nortel Response to Microsoft Security Bulletin MS08-007
Checksum: eca0b99d3c209a8606d2cf4b20143d7b  [MD5]		 [pdf] 23231 bytes English  




Associated Products
Application Server 5200
BroadBand STP
CallPilot
CDMA Networks
CDMA SuperNode Data Manager
Centrex IP Client Manager (CICM)
Centrex IP Element Manager (CICE)
Circuit Switching
Communication Control Toolkit
Communication Server 1000 Telephony Manager
Communication Server 2000
Communication Server 2000 Core Manager
Communication Server 2000 Session Server Trunks
Communication Server 2000-Compact
Communication Server 2100
Contact Center - Express
Contact Center - Multimedia
Contact Center Manager Administration
Contact Center Manager Server
Contact Center Portfolio
DMS-100 SSP
DMS-100/200 Local Switching Systems
DMS-250
DMS-500
DMS-Global Services Platform
DMS-STP
DMS-STP/SSP IntegratedNode (INode)
Enterprise Network Management System
Enterprise Policy Manager
Extended Peripheral Module (XPM)
GSM Networks
GSM-UMTS Home Location Register
  
GSM-UMTS Mobile Switching Center Server
GSM-UMTS SuperNode Data Manager
Integrated Access - Cable
Integrated Element Management System (IEMS)
IP Address Domain Manager
IP Softphone 2050
Media Processing Server (MPS) 1000
Media Processing Server (MPS) 500
Meridian SL-100
Multimedia Communication Server 5100
Multiservice Data Manager (MDM)
Optivity Policy Services for Business Policy Switch
Optivity Telephony Manager for SL-100
Packet Transit - AAL2
Packet Transit - IP
Packet Trunking - AAL1
Periphonics Common Channel Signaling Server (CCSS)
Periphonics Speech Platform
Policy Services application
Self-Service Portfolio
Spectrum Peripheral Module (SPM)
Speech and Self-Service
SuperNode Data Manager
Symposium Agent
Symposium TAPI Service Provider
UMTS Networks
Universal Access - AAL1
Universal Access - IP
VPN Client
VPN Router Portfolio
XA-Core