Vulnerability Name:

CVE-2004-0097 (CCN-14173)

Assigned:2004-01-13
Published:2004-01-13
Updated:2017-10-11
Summary:Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2003-0819

Source: MITRE
Type: CNA
CVE-2004-0054

Source: MITRE
Type: CNA
CVE-2004-0056

Source: MITRE
Type: CNA
CVE-2004-0097

Source: MITRE
Type: CNA
CVE-2004-0498

Source: MITRE
Type: CNA
CVE-2004-2629

Source: MITRE
Type: CNA
CVE-2004-2758

Source: CCN
Type: RHSA-2004-047
pwlib security update

Source: CCN
Type: RHSA-2004-048
Updated PWLib packages fix protocol security issues

Source: CCN
Type: SA10611
Microsoft ISA Server 2000 H.323 Protocol Filter Vulnerability

Source: CCN
Type: SA10665
SunForum H.323 Protocol Implementation Vulnerabilities

Source: CCN
Type: SA11192
First Virtual Communications Products H.323 Implementation Vulnerabilities

Source: CCN
Type: SECTRACK ID: 1008685
Cisco IOS Routers Can Be Crashed With Malformed H.323 Packets

Source: CCN
Type: SECTRACK ID: 1008687
Nortel Business Communications Manager H.323 Flaws Let Remote Users Deny Service

Source: CCN
Type: SECTRACK ID: 1008698
Microsoft Internet Security and Acceleration Server H.323 Buffer Overflow Lets Remote Users Execute Arbitrary Code

Source: CCN
Type: SECTRACK ID: 1008749
SunForum H.323 Processing Bug May Let Remote Users Execute Arbitrary Code

Source: CCN
Type: Sun Alert ID: 57476
SunForum is Vulnerable to Issues Described in CERT Advisory CA-2004-01 Multiple H.323 Message

Source: CCN
Type: Sun Alert ID: 101429 (formerly 57476)
Security Vulnerability in SunForum Involving the H.323 Protocol

Source: CCN
Type: CERT Advisory CA-2004-01
Multiple H.323 Message Vulnerabilities

Source: CERT
Type: Patch, Third Party Advisory, US Government Resource
CA-2004-01

Source: CCN
Type: CIAC Information Bulletin O-050
Cisco Vulnerabilities in H.323 Message Processing

Source: CCN
Type: Cisco Systems Inc. Security Advisory, 2004 January 13 UTC 1200
Vulnerabilities in H.323 Message Processing

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-448

Source: DEBIAN
Type: DSA-448
pwlib -- several vulnerabilities

Source: CCN
Type: University of Oulu Web site
PROTOS Test-Suite: c07-h2250v4

Source: CCN
Type: GLSA-200404-11
Multiple Vulnerabilities in pwlib

Source: CCN
Type: US-CERT VU#749342
Multiple vulnerabilities in H.323 implementations

Source: CERT-VN
Type: Patch, Third Party Advisory, US Government Resource
VU#749342

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2004:047

Source: BID
Type: UNKNOWN
9406

Source: CCN
Type: BID-9406
Multiple Vendor H.323 Protocol Implementation Vulnerabilities

Source: CCN
Type: BID-9408
Microsoft ISA Server 2000 H.323 Filter Remote Buffer Overflow Vulnerability

Source: CCN
Type: NISCC Vulnerability Advisory 006489/H323
Vulnerability Issues in Implementations of the H.323 Protocol

Source: CCN
Type: NISCC Vulnerability Advisory 060525/H323
An Update to the Vulnerability Issues in Implementations of the H.323 Protocol

Source: CCN
Type: Internet Security Systems Security Alert, January 13, 2004
Multiple Vendor H.323 Implementation Vulnerabilities

Source: XF
Type: UNKNOWN
C07h2250v4-attacktool-malformed-packets(14173)

Source: XF
Type: UNKNOWN
pwlib-message-dos(15202)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10056

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:803

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:826

Vulnerable Configuration:Configuration 1:
  • cpe:/a:openh323_project:pwlib:*:*:*:*:*:*:*:* (Version <= 1.6.0)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2004-0097 (CCN-15202)

    Assigned:2004-01-21
    Published:2004-01-21
    Updated:2004-02-13
    Summary:Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
    CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): None
    Integrity (I): None
    Availibility (A): Low
    CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
    Impact Metrics:Confidentiality (C): Complete
    Integrity (I): Complete
    Availibility (A): Complete
    5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Athentication (Au): None
    Impact Metrics:Confidentiality (C): None
    Integrity (I): None
    Availibility (A): Partial
    Vulnerability Consequences:Denial of Service
    References:Source: MITRE
    Type: CNA
    CVE-2004-0097

    Source: CCN
    Type: RHSA-2004-047
    pwlib security update

    Source: CCN
    Type: RHSA-2004-048
    Updated PWLib packages fix protocol security issues

    Source: DEBIAN
    Type: DSA-448
    pwlib -- several vulnerabilities

    Source: CCN
    Type: GLSA-200404-11
    Multiple Vulnerabilities in pwlib

    Source: CCN
    Type: US-CERT VU#749342
    Multiple vulnerabilities in H.323 implementations

    Source: CCN
    Type: GLSA 200404-11
    Multiple Vulnerabilities in pwlib

    Source: CCN
    Type: OpenH323 Project Web site
    OpenH323 Project

    Source: CCN
    Type: BID-9406
    Multiple Vendor H.323 Protocol Implementation Vulnerabilities

    Source: XF
    Type: UNKNOWN
    pwlib-message-dos(15202)

    Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20040097
    V
    		CVE-2004-0097
    2015-11-16
    oval:org.mitre.oval:def:10056
    V
    		Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
    2013-04-29
    oval:org.mitre.oval:def:803
    V
    		RedHat Code Execution and DoS Vulnerabilities in PWLib
    2010-09-20
    oval:org.mitre.oval:def:826
    V
    		RedHat Enterprise 3 Code Execution and DoS Vulnerabilities in PWLib
    2010-09-20
    oval:org.debian:def:448
    V
    		several vulnerabilities
    2004-02-22
    oval:com.redhat.rhsa:def:20040047
    P
    		RHSA-2004:047: pwlib security update (Moderate)
    2004-02-18
    BACK
    openh323_project pwlib *