TandBerg Information for VU#749342

Multiple vulnerabilities in H.323 implementations



Vendor Statement

Please see the NISCC Vulnerability Advisory 006489/H323 at http://www.uniras.gov.uk/vuls/2004/006489/h323.htm

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References



Per NISCC Vulnerability Advisory 006489/H323 Rev 1.1:


Some malformed H323 signalling can result in denial-of-service (DOS) for TANDBERG videoconferencing endpoints. The endpoints will appear to hang for a while, then restart automatically, returning to normal service.

There are no known issues which involve compromising of audio or video in an encrypted conference, or other loss of sensitive data. We expect to have product update(s) resolving these known issues in Q2-2004.

For further information on this issue contact:

If you have feedback, comments, or additional information about this vulnerability, please send us email.