This script is (C) 2010-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch
Multiple Cisco products contain vulnerabilities in the processing of
H.323 messages, which are typically used in Voice over Internet
Protocol (VoIP) or multimedia applications. A test suite has been
developed by the University of Oulu to target this protocol and
Support for the H.323 protocol was introduced in Cisco IOS Software
Release 11.3T. Release 11.3T, and all later Cisco IOS releases may be
affected if the software includes support for voice/multimedia
applications. Vulnerable devices include those that contain software
support for H.323 as network elements as well as those configured for
IOS Network Address Translation (NAT) and those configured for IOS
Firewall (also known as Context-Based Access Control [CBAC]).
Other Cisco voice products that do not run Cisco IOS may also be
These vulnerabilities can be exploited repeatedly to produce a denial
of service (DoS).
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false