Notified: July 17, 2003 Updated: August 02, 2003
Nortel Networks Response to CERT AdvisoryCA-2003-16 - Buffer Overflow in Microsoft RPC
Nortel Networks supplies and supports both integrated andnon-integrated solutions to its customers. We are taking thisopportunity to complement CERT and Microsoft information withinformation specific to the potential impact of this vulnerability onNortel Networks products and solutions. As well we indicate howNortel Networks products can be used to help effect the mitigationprocedures recommended both by CERT and Microsoft.
A limited number of Nortel Networks products and solutions arepotentially affected by this issue, and the nature of these productsand solutions tends to place them within a private network.Accordingly, if network perimeter protection is employed asrecommended by both CERT and Microsoft (i.e. blocking access to TCP &UDP ports 135, 139, and 445) these products and solutions should notbe vulnerable to attacks from the public Internet.
Nortel Networks would like to inform its customers and partners ofefforts currently under way to respond to this issue:
Embedded Operating Systems
Some Nortel Networks products employ embedded Windows OperatingSystems identified by Microsoft as vulnerable; Product TechnicalBulletins and patches are being developed.
Applications on Windows Operating Systems
Some Nortel Networks applications reside on Windows Operating Systemsidentified by Microsoft as vulnerable; the corresponding Microsoftpatches are being tested against the Nortel Networks applications toconfirm that their functionality will not be impacted.
Clients on Windows Operating Systems
Some Nortel Networks clients reside on workstations supplied byothers, with Windows Operating Systems identified by Microsoft asvulnerable; Nortel Networks recommends that customers follow therecommendations of CERT and Microsoft and apply the appropriatepatches.
Nortel Networks Routing Products to be used for Port Blocking
Nortel Networks routing products are not vulnerable to this issue,but may be configured to protect customer networks by blocking accessto TCP & UDP ports 135, 139, and 445 at the network edge, asrecommended by CERT and Microsoft. Product-specific instructions forport blocking configuration are available for the following Nortelproducts:
- Passport 6000
- Alteon Switched Firewall
- Passport 8600
Nortel Networks Product Status
The following products, which in some way rely on a Microsoftoperating system, have been reviewed or are under review. Otherproducts may be added.
- Succession Multi-service Gateway 4000
- Interactive Multimedia Server
- Communication Server for Enterprise -- Multimedia Exchange
- Multimedia PC Client
- Optivity Telephony Manager
- Optivity NetID
- Optivity Policy Services
- Optivity Switch Manager
- Contivity Configuration Manager
- Symposium including TAPI ICM
- Business Communications Manager
- International Centrex-IP
- Periphonics with OSCAR Speech Server
- Alteon Security Manager
- Network Configuration Manager for BCM
- Preside Site Manager
- Preside System Manager Interface
If you have a Nortel Networks product which is not noted on the listabove, we are currently reviewing our extended product families toidentify if they use components of the Microsoft Operating System andwill issue an updated list as soon as new information is available.
For more information please contact
North America: 1-800-4NORTEL or 1-800-466-7835Europe, Middle East and Africa: 00800 8008 9009, or +44 (0) 870 9079009
Contacts for other regions are available at
Or visit the eService portal at <> under AdvancedSearch
If you are a channel partner, more information canbe found under <http://www.nortelnetworks.com/pic>under Advanced Search.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.