Nortel Networks Information for VU#104280

Multiple vulnerabilities in SSL/TLS implementations

Status

Affected

Vendor Statement

The SSL implementation of the following Nortel Networks products is based on OpenSSL and may be affected by the vulnerabilities identified in NISCC Vulnerability Advisory 006489/OpenSSL:

Alteon Switched Firewall
Alteon iSD - SSL Accelerator
Contivity
Succession Communication Server 2000 - Compact (CS2K - Compact)
Preside Service Provisioning

Other Nortel Networks products with SSL implementations are being reviewed and this Vendor Statement may be revised.

For more information please contact

North America: 1-800-4NORTEL or 1-800-466-7835

Europe, Middle East and Africa: 00800 8008 9009, or +44 (0) 870 907 9009

Contacts for other regions are available at http://www.nortelnetworks.com/help/contact/global/

Or visit the eService portal at http://www.nortelnetworks.com/cs under Advanced Search.

If you are a channel partner, more information can be found under http://www.nortelnetworks.com/pic under Advanced Search

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.