Nortel Networks Response to CERT Advisory
CA-2003-16 - Buffer Overflow in Microsoft RPC
Nortel Networks supplies and supports both integrated and
non-integrated solutions to its customers. We are taking this
opportunity to complement CERT and Microsoft information with
information specific to the potential impact of this vulnerability on
Nortel Networks products and solutions. As well we indicate how
Nortel Networks products can be used to help effect the mitigation
procedures recommended both by CERT and Microsoft.
A limited number of Nortel Networks products and solutions are
potentially affected by this issue, and the nature of these products
and solutions tends to place them within a private network.
Accordingly, if network perimeter protection is employed as
recommended by both CERT and Microsoft (i.e. blocking access to TCP &
UDP ports 135, 139, and 445) these products and solutions should not
be vulnerable to attacks from the public Internet.
Nortel Networks would like to inform its customers and partners of
efforts currently under way to respond to this issue:
Embedded Operating Systems
Some Nortel Networks products employ embedded Windows Operating
Systems identified by Microsoft as vulnerable; Product Technical
Bulletins and patches are being developed.
Applications on Windows Operating Systems
Some Nortel Networks applications reside on Windows Operating Systems
identified by Microsoft as vulnerable; the corresponding Microsoft
patches are being tested against the Nortel Networks applications to
confirm that their functionality will not be impacted.
Clients on Windows Operating Systems
Some Nortel Networks clients reside on workstations supplied by
others, with Windows Operating Systems identified by Microsoft as
vulnerable; Nortel Networks recommends that customers follow the
recommendations of CERT and Microsoft and apply the appropriate
Nortel Networks Routing Products to be used for Port Blocking
Nortel Networks routing products are not vulnerable to this issue,
but may be configured to protect customer networks by blocking access
to TCP & UDP ports 135, 139, and 445 at the network edge, as
recommended by CERT and Microsoft. Product-specific instructions for
port blocking configuration are available for the following Nortel
- Passport 6000
- Alteon Switched Firewall
- Passport 8600
Nortel Networks Product Status
The following products, which in some way rely on a Microsoft
operating system, have been reviewed or are under review. Other
products may be added.
- Succession Multi-service Gateway 4000
- Interactive Multimedia Server
- Communication Server for Enterprise -- Multimedia Exchange
- Multimedia PC Client
- Optivity Telephony Manager
- Optivity NetID
- Optivity Policy Services
- Optivity Switch Manager
- Contivity Configuration Manager
- Symposium including TAPI ICM
- Business Communications Manager
- International Centrex-IP
- Periphonics with OSCAR Speech Server
- Alteon Security Manager
- Network Configuration Manager for BCM
- Preside Site Manager
- Preside System Manager Interface
If you have a Nortel Networks product which is not noted on the list
above, we are currently reviewing our extended product families to
identify if they use components of the Microsoft Operating System and
will issue an updated list as soon as new information is available.
For more information please contact
North America: 1-800-4NORTEL or 1-800-466-7835
Europe, Middle East and Africa: 00800 8008 9009, or +44 (0) 870 907
Contacts for other regions are available at
Or visit the eService portal at <http://www.nortelnetworks.com/cs
> under Advanced
If you are a channel partner, more information can
be found under <http://www.nortelnetworks.com/pic>
under Advanced Search.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.