CVE-2008-6576

high

Description

Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion and failed updates) via unknown vectors that causes consumption of all available sessions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/41804

http://www.voipshield.com/research-details.php?id=11

http://www.securityfocus.com/bid/28691

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=713455

http://securitytracker.com/id?1019845

http://secunia.com/advisories/29747

http://osvdb.org/44380

Details

Source: Mitre, NVD

Published: 2009-04-01

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.01663