SkipNavigation
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric



 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

 

Vulnerability Note VU#749342

Multiple vulnerabilities in H.323 implementations

Overview

A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocols H.323 and H.225. Voice over Internet Protocol (VoIP) and video conferencing equpiment and software can use these protocols to interoperate over a variery of computer networks. The majority of the vulnerabilities discovered are limited to denial of service impacts; however, several may allow unauthorized code execution.

I. Description

The U.K. National Infrastructure Security Co-ordination Center (NISCC) has reported multiple vulnerabilities in different vendor implementations of the multimedia telephony protocols H.323 and H.225. H.323 and H.225 are international standard protocols, published by the International Telecommunications Union, used to facilitate communication among telephony and multimedia systems. An example of such a system includes VoIP or video-conferencing equipment and software deployed on a network or computer. Sending an exceptional ASN.1 element to a vulnerable telephony component that cannot handle it may cause the application or system behavior to become unpredictable.

A test suite developed by NISCC has exposed vulnerabilities in a variety of H.323/H.225 implementations. While most of these vulnerabilities exist in ASN.1 parsing routines, some vulnerabilities may occur elsewhere. Due to the general lack of specific vulnerability information, this document covers multiple vulnerabilities in different H.323/H.225 implementations. Information about individual vendors is available in the Systems Affected section.

The U.K. National Infrastructure Security Co-ordination Centre is tracking this vulnerability as NISCC/006489/H.323.

II. Impact

The impacts associated with these vulnerabilities include denial of service, and potential execution of arbitrary code.

III. Solution

Patch or Upgrade


Apply a patch or upgrade as appropriate. Information about specific vendors is available in the Systems Affected section of this document.
One potential workaround includes making sure ports 1720/tcp and 1720/udp are blocked on network perimeters.

Systems Affected

VendorStatusDate Updated
3ComUnknown12-Jan-2004
AlcatelUnknown30-Jan-2004
Apple Computer, Inc.Not Vulnerable13-Jan-2004
AT&TUnknown13-Jan-2004
AvayaUnknown13-Jan-2004
Berkeley Software Design, Inc.Unknown13-Jan-2004
BorderwareUnknown13-Jan-2004
Check PointVulnerable30-Jan-2004
Cisco Systems, Inc.Vulnerable13-Jan-2004
ClavisterNot Vulnerable30-Jan-2004
Computer AssociatesUnknown13-Jan-2004
CyberguardNot Vulnerable13-Jan-2004
D-Link SystemsUnknown13-Jan-2004
Debian LinuxUnknown13-Jan-2004
EMC CorporationUnknown13-Jan-2004
EngardeUnknown13-Jan-2004
eSoftNot Vulnerable13-Jan-2004
Extreme NetworksUnknown13-Jan-2004
F5 Networks, Inc.Unknown13-Jan-2004
Foundry Networks Inc.Not Vulnerable30-Jan-2004
FreeBSD, Inc.Unknown13-Jan-2004
FujitsuUnknown30-Jan-2004
Global Technology AssociatesUnknown13-Jan-2004
Hewlett-Packard CompanyVulnerable5-Apr-2004
HitachiNot Vulnerable13-Jan-2004
IBM-zSeriesUnknown13-Jan-2004
IBM eServerUnknown13-Jan-2004
Ingrian Networks, Inc.Unknown13-Jan-2004
IntelVulnerable27-Feb-2004
IntotoUnknown13-Jan-2004
Juniper Networks, Inc.Unknown13-Jan-2004
LachmanUnknown13-Jan-2004
LinksysUnknown13-Jan-2004
Lotus SoftwareUnknown13-Jan-2004
Lucent TechnologiesUnknown13-Jan-2004
Mandriva, Inc.Unknown13-Jan-2004
Mandriva, Inc.Unknown13-Jan-2004
Microsoft CorporationVulnerable13-Jan-2004
Mitel NetworksUnknown10-Feb-2004
MontaVista Software, Inc.Unknown13-Jan-2004
Multi-Tech Systems Inc.Unknown13-Jan-2004
NEC CorporationUnknown13-Jan-2004
NetBSDNot Vulnerable13-Jan-2004
NetfilterUnknown13-Jan-2004
NetScreenNot Vulnerable30-Jan-2004
Network ApplianceUnknown13-Jan-2004
NokiaUnknown13-Jan-2004
Nortel Networks, Inc.Vulnerable13-Jan-2004
Novell, Inc.Unknown13-Jan-2004
Objective Systems Inc.Not Vulnerable13-Jan-2004
OpenBSDUnknown13-Jan-2004
Openwall GNU/*/LinuxUnknown13-Jan-2004
Oracle CorporationUnknown13-Jan-2004
PolycomVulnerable30-Nov-2006
RadVisionVulnerable13-Jan-2004
Red Hat, Inc.Not Vulnerable13-Jan-2004
Riverstone NetworksUnknown13-Jan-2004
Secure Computing CorporationUnknown13-Jan-2004
SecureWorksUnknown13-Jan-2004
Sequent Computer Systems, Inc.Unknown13-Jan-2004
Sony CorporationUnknown30-Jan-2004
StonesoftUnknown13-Jan-2004
Sun Microsystems, Inc.Not Vulnerable14-Jan-2004
SUSE LinuxUnknown13-Jan-2004
Symantec CorporationNot Vulnerable13-Jan-2004
TandBergVulnerable13-Jan-2004
Tumbleweed Communications Corp.Not Vulnerable13-Jan-2004
TurboLinuxUnknown13-Jan-2004
uniGoneNot Vulnerable13-Jan-2004
UnisysUnknown13-Jan-2004
WatchGuardUnknown13-Jan-2004
Wind River Systems, Inc.Unknown13-Jan-2004
WirexUnknown13-Jan-2004
XeroxNot Vulnerable15-Jan-2004
ZyXELUnknown13-Jan-2004

References

http://www.kb.cert.org/vuls/id/927278
http://www.kb.cert.org/vuls/id/428230
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
http://www.itu.int/itudoc/itu-t/rec/h/h225-0.html
http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/h2250v4/index.html

Credit

The CERT Coordination Center thanks the NISCC Vulnerability Management Team and the University of Oulu Security Programming Group OUSPG for coordinating the discovery and release of the technical details of this issue.

This document was written Jeffrey S. Havrilla based on information from NISCC.

Other Information

Date Public01/13/2003
Date First Published01/13/2004 09:01:09 AM
Date Last Updated11/30/2006
CERT AdvisoryCA-2004-01
CVE NameCAN-2003-0819
US-CERT Technical Alerts 
Metric13.67
Document Revision40

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2004 Carnegie Mellon University
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader