Mitel Networks Information for VU#749342

Multiple vulnerabilities in H.323 implementations

Status

Unknown. If you are the vendor named above, please contact us to update your status.

Vendor Statement

Not vulnerable, with the possible exception of the 5700 Voice First videoconferencing solution and associated video endpoints. Those video products are still under investigation. Mitel Networks Security Advisory MNSA-2004-001 has been issued and distributed to Mitel resellers to address these concerns. Please report any security concerns with Mitel Networks products to "security@mitel.com".

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

None

Addendum

This statement has been mirrored at http://www.uniras.gov.uk/vuls/2004/006489/h323.htm#Mitel

An additional copy of the Mitel Networks advisory is available here

-----------------------------------------------------------
Mitel Networks Security Advisory MNSA-2004-001: Vulnerability Reports in
H.323 Implementations

  Synopsis:    Interim Statement About Vulnerability Reports in H.323
               Implementations

  Advisory:           MNSA-2004-001

  Release Date:       2004-01-16
  Last Revised:       2004-01-16

  Severity:           Important

  Impact:             See below

  Affected Products:  See below


1. SUMMARY

  On Tuesday, January 13th, advisories were issued by the
  UK National Infrastructure Security Co-Ordination Centre and
  the CERT Coordination Center about potential vulnerabilities
  in multiple implementations of the H.323 protocol used for
  some Voice-over-IP and videoconferencing products.  Exploitation
  of these vulnerabilities could potentially result in a denial-of-
  service attack or remote code execution.

  At the current time Mitel Networks has determined that all of
  its VoIP products are NOT vulnerable as they do not make use
  of the H.323 protocol.

  However, we are still investigating whether or not a potential
  vulnerability exists with the following videoconferencing products:

    * 5700 Voice First Solution
    * 5750 Desktop Video Appliance
    * 5760 Videoconference Appliance

  This advisory will be updated when the results of that investigation
  are complete.


2. RECOMMENDATION

  Until the investigation can be completed Mitel Networks recommends
  that administrators of sites with the 5700 Voice First Solution
  follow the workaround suggested in the CERT advisory of applying
  network filters to block access to H.323 services at network borders
  to minimize any potential denial-of-service attacks originating
  outside your network.  Please see the CERT advisory (URL below) for
  more information.


3. DESCRIPTION

  No vulnerability has yet been identified.  If a vulnerability is
  found, the description will appear here.


4. AFFECTED PRODUCTS

  As noted above, the only Mitel Networks products still under
  investigation are:

    * 5700 Voice First Solution
    * 5750 Desktop Video Appliance
    * 5760 Videoconference Appliance

  It is important to note that no vulnerability has yet been found
  in these products and they are still under active investigation.


5. REFERENCES

  For more information about this potential vulnerability, see:

    http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
    http://www.cert.org/advisories/CA-2004-01.html


6. REVISION HISTORY

  V1.0 - 16 January 2004 - Initial interim statement


7. CONTACT INFORMATION

  For questions relating to Mitel Networks products, please contact
  the Mitel Networks Product Support organization appropriate for your
  geographic region.

  If you believe you have found a security issue with a Mitel Networks
  product, please e-mail:

    security@mitel.com

  Mitel Networks Product Security Team
  PGP Key ID:  000492A6
  Fingerprint: 1AF0 1058 6DD8 6A18 4032 84B7 4223 5A3B 0004 92A6


Copyright 2004 Mitel Networks Corporation

-----------------------------------------------------------

If you have feedback, comments, or additional information about this vulnerability, please send us email.