Vulnerabilities in H.323 Message Processing - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch

Description :

Multiple Cisco products contain vulnerabilities in the processing of
H.323 messages, which are typically used in Voice over Internet
Protocol (VoIP) or multimedia applications. A test suite has been
developed by the University of Oulu to target this protocol and
identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software
Release 11.3T. Release 11.3T, and all later Cisco IOS releases may be
affected if the software includes support for voice/multimedia
applications. Vulnerable devices include those that contain software
support for H.323 as network elements as well as those configured for
IOS Network Address Translation (NAT) and those configured for IOS
Firewall (also known as Context-Based Access Control [CBAC]).
Other Cisco voice products that do not run Cisco IOS may also be
affected.
These vulnerabilities can be exploited repeatedly to produce a denial
of service (DoS).

See also :

http://www.nessus.org/u?767c198a
http://www.nessus.org/u?3b4f7afb

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20040113-h323.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 48972 (cisco-sa-20040113-h323http.nasl)

Bugtraq ID: 9406

CVE ID: CVE-2004-0054