TandBerg Information for VU#749342

Multiple vulnerabilities in H.323 implementations

Status

Affected

Vendor Statement

Please see the NISCC Vulnerability Advisory 006489/H323 at http://www.uniras.gov.uk/vuls/2004/006489/h323.htm

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

None

Addendum

Per NISCC Vulnerability Advisory 006489/H323 Rev 1.1:

Tandberg

Some malformed H323 signalling can result in denial-of-service (DOS) for TANDBERG videoconferencing endpoints. The endpoints will appear to hang for a while, then restart automatically, returning to normal service.

There are no known issues which involve compromising of audio or video in an encrypted conference, or other loss of sensitive data. We expect to have product update(s) resolving these known issues in Q2-2004.

For further information on this issue contact:
security@tandberg.net

If you have feedback, comments, or additional information about this vulnerability, please send us email.