Detections
Analytics

Vulnerabilities in H.323 Message Processing - Cisco Systems

high Nessus Plugin ID 48972

Language:

Synopsis

The remote device is missing a vendor-supplied security patch

Description

Multiple Cisco products contain vulnerabilities in the processing of H.323 messages, which are typically used in Voice over Internet Protocol (VoIP) or multimedia applications. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities.
Support for the H.323 protocol was introduced in Cisco IOS Software Release 11.3T. Release 11.3T, and all later Cisco IOS releases may be affected if the software includes support for voice/multimedia applications. Vulnerable devices include those that contain software support for H.323 as network elements as well as those configured for IOS Network Address Translation (NAT) and those configured for IOS Firewall (also known as Context-Based Access Control [CBAC]).
 Other Cisco voice products that do not run Cisco IOS may also be affected.
These vulnerabilities can be exploited repeatedly to produce a denial of service (DoS).

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20040113-h323.

See Also

http://www.nessus.org/u?3d2630fc

http://www.nessus.org/u?b6b42778

Plugin Details

Severity: High

ID: 48972

File Name: cisco-sa-20040113-h323http.nasl

Version: 1.17

Type: local

Family: CISCO

Published: 9/1/2010

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 1/13/2004

Vulnerability Publication Date: 1/13/2004

Reference Information

CVE: CVE-2004-0054

BID: 9406