Vulnslist

find the latest Cisco vulnerabilities

Vulnerabilities in H.323 Message Processing

cisco-sa-20040113-h323 · NA · Published · Updated

Multiple Cisco products contain vulnerabilities in the processing of H.323 messages, which are typically used in Voice over Internet Protocol (VoIP) or multimedia applications. A test suite has been developed by the University of Oulu to target this protocol and identify vulnerabilities. Support for the H.323 protocol was introduced in Cisco IOS® Software Release 11.3T. Release 11.3T, and all later Cisco IOS releases may be affected if the software includes support for voice/multimedia applications. Vulnerable devices include those that contain software support for H.323 as network elements as well as those configured for IOS Network Address Translation (NAT) and those configured for IOS Firewall (also known as Context-Based Access Control [CBAC]). Other Cisco voice products that do not run Cisco IOS may also be affected. These vulnerabilities can be exploited repeatedly to produce a denial of service (DoS). This advisory is available at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040113-h323.

Cisco advisory ·CSAF JSON

Workarounds

No workaround information imported yet.

CVEsCVE-2003-0819, CVE-2004-0054, CVE-2004-0056, CVE-2004-0097
Cisco Bug IDsNA
CVSS ScoreBase NA
Product Names From Source
NA, Cisco ATA Series Analog Telephone Adaptor, Cisco BTS 10200 Softswitch, Cisco Conference Connection, Cisco IP phone, Cisco Internet Service Node (ISN), TANDBERG Codec, Cisco TANDBERG Codec, Cisco Unified Communications Manager

Related Products

Product CVE Evidence
Cisco RV Series Routers CVE-2004-0097 Cisco OpenVuln
Cisco RV Series Routers CVE-2004-0056 Cisco OpenVuln
Cisco RV Series Routers CVE-2004-0054 Cisco OpenVuln
Cisco RV Series Routers CVE-2003-0819 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2004-0097 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2004-0056 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2004-0054 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2003-0819 Cisco OpenVuln
Cisco IOS Software CVE-2004-0097 Cisco OpenVuln
Cisco IOS Software CVE-2004-0056 Cisco OpenVuln
Cisco IOS Software CVE-2004-0054 Cisco OpenVuln
Cisco IOS Software CVE-2003-0819 Cisco OpenVuln
TANDBERG Codec CVE-2004-0097 Cisco OpenVuln
TANDBERG Codec CVE-2004-0056 Cisco OpenVuln
TANDBERG Codec CVE-2004-0054 Cisco OpenVuln
TANDBERG Codec CVE-2003-0819 Cisco OpenVuln
Cisco Unified Communications Manager CVE-2004-0097 Cisco OpenVuln
Cisco Unified Communications Manager CVE-2004-0056 Cisco OpenVuln
Cisco Unified Communications Manager CVE-2004-0054 Cisco OpenVuln
Cisco Unified Communications Manager CVE-2003-0819 Cisco OpenVuln
Cisco TANDBERG Codec CVE-2004-0097 Cisco OpenVuln
Cisco TANDBERG Codec CVE-2004-0056 Cisco OpenVuln
Cisco TANDBERG Codec CVE-2004-0054 Cisco OpenVuln
Cisco TANDBERG Codec CVE-2003-0819 Cisco OpenVuln
Cisco Internet Service Node (ISN) CVE-2004-0097 Cisco OpenVuln
Cisco Internet Service Node (ISN) CVE-2004-0056 Cisco OpenVuln
Cisco Internet Service Node (ISN) CVE-2004-0054 Cisco OpenVuln
Cisco Internet Service Node (ISN) CVE-2003-0819 Cisco OpenVuln
Cisco IP phone CVE-2004-0097 Cisco OpenVuln
Cisco IP phone CVE-2004-0056 Cisco OpenVuln
Cisco IP phone CVE-2004-0054 Cisco OpenVuln
Cisco IP phone CVE-2003-0819 Cisco OpenVuln
Cisco IOS CVE-2004-0097 Cisco OpenVuln
Cisco IOS CVE-2004-0056 Cisco OpenVuln
Cisco IOS CVE-2004-0054 Cisco OpenVuln
Cisco IOS CVE-2003-0819 Cisco OpenVuln
Cisco Conference Connection CVE-2004-0097 Cisco OpenVuln
Cisco Conference Connection CVE-2004-0056 Cisco OpenVuln
Cisco Conference Connection CVE-2004-0054 Cisco OpenVuln
Cisco Conference Connection CVE-2003-0819 Cisco OpenVuln
Cisco BTS 10200 Softswitch CVE-2004-0097 Cisco OpenVuln
Cisco BTS 10200 Softswitch CVE-2004-0056 Cisco OpenVuln
Cisco BTS 10200 Softswitch CVE-2004-0054 Cisco OpenVuln
Cisco BTS 10200 Softswitch CVE-2003-0819 Cisco OpenVuln
Cisco ATA Series Analog Telephone Adaptor CVE-2004-0097 Cisco OpenVuln
Cisco ATA Series Analog Telephone Adaptor CVE-2004-0056 Cisco OpenVuln
Cisco ATA Series Analog Telephone Adaptor CVE-2004-0054 Cisco OpenVuln
Cisco ATA Series Analog Telephone Adaptor CVE-2003-0819 Cisco OpenVuln