Rich Adamson
2004-Jan-13 09:38 UTC
[Asterisk-Users] Cisco Multiple Products H.323 Protocol Denial of Service Vulnerabilities
FYI for those that might have an interest...

> TITLE:
> Cisco Multiple Products H.323 Protocol Denial of Service
> Vulnerabilities
>
> SECUNIA ADVISORY ID:
> SA10610
>
> VERIFY ADVISORY:
> http://www.secunia.com/advisories/10610/
>
> CRITICAL:
> Moderately critical
>
> IMPACT:
> DoS
>
> WHERE:
> From remote
>
> OPERATING SYSTEM:
> Cisco ATA 180 Series Analog Telephone Adaptors
> Cisco BTS 10200 Softswitch
> Cisco IOS 11.x
> Cisco IOS 12.x
> Cisco IOS R11.x
> Cisco IOS R12.x
>
> SOFTWARE:
> Cisco CallManager 3.x
> Cisco Conference Connection (CCC) 1.x
> Cisco Internet Service Node (ISN) 2.x
> Cisco IP Phone 7900 Series
>
> DESCRIPTION:
> Multiple Cisco products contain vulnerabilities in the H.323 protocol
> implementation, which can be exploited by malicious people to cause a
> DoS (Denial of Service).
>
> The vulnerabilities are caused due to various errors in the
> processing of H.225.0 and Q.931 messages over TCP, which can be
> exploited by sending specially crafted messages to an affected system
> (default port 1720/tcp).
>
> Successful exploitation may crash or reboot vulnerable devices and
> applications or cause them to consume 100% CPU resources.
>
> The vulnerabilities affect the following products with H.323
> support:
>
> * Cisco IOS 11.3T and later versions
> * Cisco CallManager versions 3.0 through 3.3
> * Cisco Conference Connection (CCC)
> * Cisco Internet Service Node (ISN)
> * Cisco BTS 10200 Softswitch
> * Cisco 7905 IP Phone H.323 Software Version 1.00
> * Cisco ATA 18x series products running H.323/SIP loads with versions
>   earlier than 2.16.1
>
> SOLUTION:
> See patch matrices and workarounds in original advisory:
> http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml#software
> http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml#workarounds
>
> PROVIDED AND/OR DISCOVERED BY:
> NISCC
>
> ORIGINAL ADVISORY:
> Cisco:
> http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml
>
> NISCC:
> http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
>
> ----------------------------------------------------------------------
>
> About:
> This Advisory was delivered by Secunia as a free service to help
> everybody keeping their systems up to date against the latest
> vulnerabilities.
>
> Subscribe:
> http://www.secunia.com/secunia_security_advisories/
>
> Definitions: (Criticality, Where etc.)
> http://www.secunia.com/about_secunia_advisories/
>
>
> Please Note:
> Secunia recommends that you verify all advisories you receive by
> clicking the link.
> Secunia NEVER sends attached files with advisories.
> Secunia does not advise people to install third party patches, only
> use those supplied by the vendor.