|
|
|
View Notes By
|
|
|
|
Other Documents
|
|
|
|
 |
Vulnerability Note VU#749342
Multiple vulnerabilities in H.323 implementations
OverviewA number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocols H.323 and H.225. Voice over Internet Protocol (VoIP) and video conferencing equpiment and software can use these protocols to interoperate over a variety of computer networks. The majority of the vulnerabilities discovered are limited to denial of service impacts; however, several may allow unauthorized code execution.
I. DescriptionThe U.K. National Infrastructure Security Co-ordination Center (NISCC) has reported multiple vulnerabilities in different vendor implementations of the multimedia telephony protocols H.323 and H.225. H.323 and H.225 are international standard protocols, published by the International Telecommunications Union, used to facilitate communication among telephony and multimedia systems. An example of such a system includes VoIP or video-conferencing equipment and software deployed on a network or computer. Sending an exceptional ASN.1 element to a vulnerable telephony component that cannot handle it may cause the application or system behavior to become unpredictable.
A test suite developed by NISCC has exposed vulnerabilities in a variety of H.323/H.225 implementations. While most of these vulnerabilities exist in ASN.1 parsing routines, some vulnerabilities may occur elsewhere. Due to the general lack of specific vulnerability information, this document covers multiple vulnerabilities in different H.323/H.225 implementations. Information about individual vendors is available in the Systems Affected section.
The U.K. National Infrastructure Security Co-ordination Centre is tracking this vulnerability as NISCC/006489/H.323.
II. ImpactThe impacts associated with these vulnerabilities include denial of service, and potential execution of arbitrary code.
III. SolutionPatch or Upgrade
Apply a patch or upgrade as appropriate. Information about specific vendors is available in the Systems Affected section of this document.
One potential workaround includes making sure ports 1720/tcp and 1720/udp are blocked on network perimeters.
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|
| 3Com | Unknown | | 2004-01-12 |
| Alcatel | Unknown | 2004-01-12 | 2004-01-30 |
| Apple Computer, Inc. | Not Vulnerable | 2004-01-12 | 2004-01-13 |
| AT&T | Unknown | | 2004-01-13 |
| Avaya | Unknown | 2004-01-12 | 2004-01-13 |
| Berkeley Software Design, Inc. | Unknown | | 2004-01-13 |
| Borderware | Unknown | | 2004-01-13 |
| Check Point | Vulnerable | 2004-01-12 | 2004-01-30 |
| Cisco Systems, Inc. | Vulnerable | 2004-01-12 | 2004-01-13 |
| Clavister | Not Vulnerable | 2004-01-12 | 2004-01-30 |
| Computer Associates | Unknown | | 2004-01-13 |
| Cyberguard | Not Vulnerable | | 2004-01-13 |
| D-Link Systems | Unknown | | 2004-01-13 |
| Debian Linux | Unknown | | 2004-01-13 |
| EMC Corporation | Unknown | | 2004-01-13 |
| Engarde | Unknown | | 2004-01-13 |
| eSoft | Not Vulnerable | 2004-01-12 | 2004-01-13 |
| Extreme Networks | Unknown | | 2004-01-13 |
| F5 Networks, Inc. | Unknown | | 2004-01-13 |
| Foundry Networks Inc. | Not Vulnerable | 2004-01-12 | 2004-01-30 |
| FreeBSD, Inc. | Unknown | | 2004-01-13 |
| Fujitsu | Unknown | 2004-01-12 | 2004-01-30 |
| Global Technology Associates | Unknown | | 2004-01-13 |
| Hewlett-Packard Company | Vulnerable | 2004-01-12 | 2004-04-05 |
| Hitachi | Not Vulnerable | 2004-01-12 | 2004-01-13 |
| IBM-zSeries | Unknown | | 2004-01-13 |
| IBM eServer | Unknown | | 2004-01-13 |
| Ingrian Networks, Inc. | Unknown | | 2004-01-13 |
| Intel | Vulnerable | 2004-01-12 | 2004-02-27 |
| Intoto | Unknown | | 2004-01-13 |
| Juniper Networks, Inc. | Unknown | | 2004-01-13 |
| Lachman | Unknown | | 2004-01-13 |
| Linksys | Unknown | | 2004-01-13 |
| Lotus Software | Unknown | | 2004-01-13 |
| Lucent Technologies | Unknown | 2004-01-12 | 2004-01-13 |
| Mandriva, Inc. | Unknown | | 2004-01-13 |
| Mandriva, Inc. | Unknown | | 2004-01-13 |
| Microsoft Corporation | Vulnerable | 2004-01-12 | 2004-01-13 |
| Mitel Networks | Unknown | | 2004-02-10 |
| MontaVista Software, Inc. | Unknown | | 2004-01-13 |
| Multi-Tech Systems Inc. | Unknown | | 2004-01-13 |
| NEC Corporation | Unknown | | 2004-01-13 |
| NetBSD | Not Vulnerable | 2004-01-12 | 2004-01-13 |
| Netfilter | Unknown | | 2004-01-13 |
| NetScreen | Not Vulnerable | 2004-01-12 | 2004-01-30 |
| Network Appliance | Unknown | | 2004-01-13 |
| Nokia | Unknown | | 2004-01-13 |
| Nortel Networks, Inc. | Vulnerable | 2004-01-12 | 2004-01-13 |
| Novell, Inc. | Unknown | | 2004-01-13 |
| Objective Systems Inc. | Not Vulnerable | | 2004-01-13 |
| OpenBSD | Unknown | | 2004-01-13 |
| Openwall GNU/*/Linux | Unknown | | 2004-01-13 |
| Oracle Corporation | Unknown | | 2004-01-13 |
| Polycom | Vulnerable | | 2009-07-29 |
| RadVision | Vulnerable | | 2004-01-13 |
| Red Hat, Inc. | Not Vulnerable | 2004-01-12 | 2004-01-13 |
| Riverstone Networks | Unknown | | 2004-01-13 |
| Secure Computing Corporation | Unknown | | 2004-01-13 |
| SecureWorks | Unknown | | 2004-01-13 |
| Sequent Computer Systems, Inc. | Unknown | | 2004-01-13 |
| Sony Corporation | Unknown | 2004-01-12 | 2004-01-30 |
| Stonesoft | Unknown | | 2004-01-13 |
| Sun Microsystems, Inc. | Not Vulnerable | 2004-01-12 | 2004-01-14 |
| SUSE Linux | Unknown | | 2004-01-13 |
| Symantec Corporation | Not Vulnerable | 2004-01-12 | 2004-01-13 |
| TandBerg | Vulnerable | | 2004-01-13 |
| Tumbleweed Communications Corp. | Not Vulnerable | | 2004-01-13 |
| TurboLinux | Unknown | | 2004-01-13 |
| uniGone | Not Vulnerable | | 2004-01-13 |
| Unisys | Unknown | | 2004-01-13 |
| WatchGuard | Unknown | | 2004-01-13 |
| Wind River Systems, Inc. | Unknown | | 2004-01-13 |
| Wirex | Unknown | | 2004-01-13 |
| Xerox | Not Vulnerable | 2004-01-12 | 2004-01-15 |
| ZyXEL | Unknown | | 2004-01-13 |
References
http://www.kb.cert.org/vuls/id/927278
http://www.kb.cert.org/vuls/id/428230
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
http://www.itu.int/itudoc/itu-t/rec/h/h225-0.html
http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/h2250v4/index.html
Credit
The CERT Coordination Center thanks the NISCC Vulnerability Management Team and the University of Oulu Security Programming Group OUSPG for coordinating the discovery and release of the technical details of this issue.
This document was written Jeffrey S. Havrilla based on information from NISCC.
Other Information
| Date Public: | 2003-01-13 |
| Date First Published: | 2004-01-13 |
| Date Last Updated: | 2009-07-29 |
| CERT Advisory: | CA-2004-01 |
| CVE-ID(s): | CVE-2003-0819 |
| NVD-ID(s): | CVE-2003-0819 |
| US-CERT Technical Alerts: | |
| Metric: | 13.67 |
| Document Revision: | 42 |
If you have feedback, comments, or additional information about this vulnerability, please send us
email.
|
|
Get Adobe Reader