[ISSForum] ISS Security Brief: Multiple Vendor H.323 Implementation Vulnerabilities



Internet Security Systems Security Brief
January 13, 2004

Multiple Vendor H.323 Implementation Vulnerabilities

Synopsis:

Several vendors have reported vulnerabilities in their H.323-based Voice 
over Internet Protocol (VoIP) products.  These reports follow the 
development of a test suite by the University of Oulu, which targets 
products that use the H.323 call signaling protocol H.225.0v4. The test 
suite in question functions by creating malformed or otherwise illegally 
formatted H.225.0v4 call signaling messages, and has uncovered remotely 
exploitable vulnerabilities in many H.323 implementations.

Impact:

Testing has shown products from a number of VoIP vendors to be vulnerable, 
with risks ranging from denial of service (DoS) to improper bounds checking 
resulting in possible remote system compromise. Multiple vulnerabilities 
affect key network infrastructure software, including Cisco's Internetwork 
Operating System (IOS), which is ubiquitous in core routing hardware.

Known Affected Products:

Cisco IOS devices using IOS 11.3 - 12.3.
Microsoft ISA Server and Small Business Server
H.323 Implementations from Nortel and Tandberg

For a detailed list of affected products and the complete ISS X-Force 
Security Alert, please visit:
http://xforce.iss.net/xforce/alerts/id/160
