Nortel Response to Sun Alert 236521 - Solaris 10 SCTP Potential Vulnerability
| Description: |
Sun Microsystems has recently issued Sun Alert 236521: A Security Vulnerability in Solaris 10 Involving the SCTP Protocol May Result in a Denial of Network Services Due to Network Flooding. Sun has provided fixes for this issue. Some Nortel products contain this software as a component and thus are potentially affected by the vulnerabilities addressed. This bulletin provides a multi-product consolidated response for the Nortel products which are potentially affected. Sun Alert:236521: http://sunsolve.sun.com/search/document.do?assetkey=1-26-236521-1 This bulletin addresses the following potential vulnerabilities: 1. CVE-2008-2089 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2089) Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (panic) via a crafted SCTP packet. 2. CVE-2008-2090 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2090) Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet. Before taking any action please ensure that you are viewing the latest official version of this security advisory by referencing http://www.nortel.com/securityadvisories |
| Type: |
Security Advisories |
| Number: |
2008008909, Rev 1 |
| Status: |
Retired |
| Date: |
2008-12-01 |
