
Buffer overflow vulnerability in Nortel Networks PC Client may allow a remote attacker to execute arbitrary code on the host

Advisory Number: VIPER-2007-044
Release Date: 2007.06.19
Source: Sipera VIPER Lab
Systems Affected: Nortel Networks PC Client SIP Soft Phone (release 4.1, version 3.5.208[20051015])
Category: Soft Phone Denial of Service
Severity: High

Overview

A buffer overflow vulnerability in the SIP message parsing module of the Nortel Networks PC Client SIP phone may allow a remote attacker to execute arbitrary code on the host machine or to crash the phone.

Impact

Successfully sending a malformed message to the phone crashes the phone and causes a denial of service to the user. An attacker can exploit this vulnerability to execute arbitrary code on the host machine where the Nortel Networks PC Client is installed.

Description

Nortel Networks PC Client is a PC-based user application that provides multimedia communications features to users. A buffer overflow vulnerability exists in the SIP header parsing module of Nortel Networks PC Client which may allow a remote attacker to crash the phone. This results in a complete denial of service to the user. Sending such a message to multiple users may result in a denial of service to a large number of users. Additionally, this buffer overflow can also be exploited to execute arbitrary code on the host where the vulnerable phone is installed. Once restarted, the phone functions normally.

Related Links

The phone's SIP stack implementation should be patched to prevent exploitation of this vulnerability.
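The advisory names the SIP header parsing module as the location of the overflow but gives no code. The following is an added illustration written for this page, not Nortel's code and not from Sipera VIPER Lab, of the defensive pattern a patched SIP stack should follow: every header name and value is copied only after its length has been checked against an explicit limit, and an over-long header is rejected rather than truncated. The limits (`MAX_HDR_NAME`, `MAX_HDR_VALUE`, `MAX_HEADERS`) and the sample INVITE are assumptions chosen for the example; real stacks size these from RFC 3261 and their own configuration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Hypothetical limits for the example; a real stack derives its own. */
#define MAX_HDR_NAME  64
#define MAX_HDR_VALUE 256
#define MAX_HEADERS   32

typedef struct { char name[MAX_HDR_NAME]; char value[MAX_HDR_VALUE]; } sip_header_t;
typedef struct { sip_header_t hdr[MAX_HEADERS]; size_t count; } sip_headers_t;

/* Parse one "Name: value" line (without the trailing '\n') into fixed buffers.
 * The unsafe pattern this replaces is strcpy()/sprintf() of the raw line into
 * such buffers with no length check. Returns 0 on success, -1 on malformed
 * or over-long input; rejecting is safer than silently truncating. */
static int parse_header_line(const char *line, size_t len, sip_header_t *out) {
    const char *colon = memchr(line, ':', len);
    if (!colon) return -1;
    size_t name_len = (size_t)(colon - line);
    const char *val = colon + 1;
    size_t val_len = len - name_len - 1;
    while (val_len > 0 && (*val == ' ' || *val == '\t')) { val++; val_len--; }   /* leading WS  */
    while (val_len > 0 && (val[val_len - 1] == '\r' || val[val_len - 1] == ' ')) /* trailing CR */
        val_len--;
    if (name_len == 0 || name_len >= MAX_HDR_NAME) return -1;  /* must leave room for NUL */
    if (val_len >= MAX_HDR_VALUE) return -1;
    memcpy(out->name, line, name_len);  out->name[name_len] = '\0';
    memcpy(out->value, val, val_len);   out->value[val_len] = '\0';
    return 0;
}

/* Parse the header block of a SIP message: skip the request/status line, then
 * read lines until the blank line. Every copy is bounded; header count too. */
int parse_sip_headers(const char *msg, size_t msg_len, sip_headers_t *hs) {
    hs->count = 0;
    const char *p = msg, *end = msg + msg_len;
    const char *nl = memchr(p, '\n', (size_t)(end - p));
    if (!nl) return -1;
    p = nl + 1;
    while (p < end) {
        nl = memchr(p, '\n', (size_t)(end - p));
        size_t line_len = nl ? (size_t)(nl - p) : (size_t)(end - p);
        if (line_len == 0 || (line_len == 1 && p[0] == '\r')) return 0;  /* end of headers */
        if (hs->count >= MAX_HEADERS) return -1;
        if (parse_header_line(p, line_len, &hs->hdr[hs->count]) != 0) return -1;
        hs->count++;
        if (!nl) break;
        p = nl + 1;
    }
    return 0;
}

/* Case-insensitive header lookup (SIP header names are case-insensitive). */
const char *sip_header_find(const sip_headers_t *hs, const char *name) {
    for (size_t i = 0; i < hs->count; i++) {
        const char *a = hs->hdr[i].name, *b = name;
        while (*a && *b && tolower((unsigned char)*a) == tolower((unsigned char)*b)) { a++; b++; }
        if (*a == '\0' && *b == '\0') return hs->hdr[i].value;
    }
    return NULL;
}

/* Constructed sample request (not captured traffic). */
static const char SAMPLE_OK[] =
    "INVITE sip:bob@example.test SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK776asdhds\r\n"
    "From: Alice <sip:alice@example.test>;tag=1928301774\r\n"
    "To: Bob <sip:bob@example.test>\r\n"
    "Content-Length: 0\r\n"
    "\r\n";

/* Well-formed message: returns the number of headers parsed (4). */
int demo_well_formed(void) {
    sip_headers_t hs;
    if (parse_sip_headers(SAMPLE_OK, sizeof SAMPLE_OK - 1, &hs) != 0) return -1;
    return (int)hs.count;
}

/* Returns the From header value of the sample, found case-insensitively. */
const char *demo_from_value(void) {
    static sip_headers_t hs;
    if (parse_sip_headers(SAMPLE_OK, sizeof SAMPLE_OK - 1, &hs) != 0) return NULL;
    return sip_header_find(&hs, "from");
}

/* Constructed message whose Via value (599 bytes) exceeds MAX_HDR_VALUE:
 * the bounded parser refuses it instead of overrunning the buffer. */
int demo_oversized_header(void) {
    char longval[600], buf[1024];
    memset(longval, 'A', sizeof longval - 1);
    longval[sizeof longval - 1] = '\0';
    int n = snprintf(buf, sizeof buf,
                     "INVITE sip:bob@example.test SIP/2.0\r\nVia: %s\r\n\r\n", longval);
    sip_headers_t hs;
    return parse_sip_headers(buf, (size_t)n, &hs);
}

int main(void) {
    printf("well-formed: %d headers, From=%s\n", demo_well_formed(), demo_from_value());
    printf("oversized header rejected: %s\n", demo_oversized_header() == -1 ? "yes" : "no");
    return 0;
}
```

The design point is that the length check happens before any copy and that the failure mode is an explicit error return, which the caller can turn into a dropped message and a log entry; a phone that drops one malformed INVITE keeps serving its user, whereas one that truncates or overruns does not.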

Vendor Response:

Nortel is aware of Security Advisory VIPER-2007-044 as issued by the Sipera VIPER lab team. We are actively investigating the details in this Advisory to confirm that our latest SIP phones are not susceptible to this vulnerability. A formal Nortel Security Bulletin addressing this Advisory is expected to be available by July 31st.

For more information on any of these threat advisories, please email Sipera VIPER Lab at viper@sipera.com

Unified Communications Unleashed
Sipera Systems is the worldwide market leader in solutions for the rapid and simple adoption of Unified Communications (UC). Thousands of users around the globe rely on Sipera to secure VoIP, IP video, collaboration, messaging and dozens of other high-performance applications. Sipera’s groundbreaking “Borderless UC” enables controlled communications to any device in any location.

Years of UC security experience are contained in Sipera unified communications (UC-Sec) products. These appliances benefit from the research conducted by Sipera VIPER Lab to provide comprehensive threat protection, policy enforcement, access control, and privacy in a single, real-time appliance.

© Copyright 2006-2010 Sipera Systems, Inc. All rights reserved. Sipera, Sipera UC-Sec and related products, Sipera LAVA and Sipera VIPER and related services are trademarks of Sipera Systems, Inc.