Nortel Networks Affected

Notified:  April 16, 2002 Updated: April 18, 2002



Vendor Statement

A software code update has been issued for Version 3.6.3P25; our recommendation is to upgrade from 3.6.3P24 to that version. The bulletin [see attachment] also gives recommended mitigating practices in case an immediate upgrade is not possible.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


The CERT/CC has no additional comments at this time.