Vulnerability Name:

CVE-2004-2629 (CCN-14173)

Assigned:2004-01-13
Published:2004-01-13
Updated:2008-09-05
Summary:Multiple vulnerabilities in the H.323 protocol implementation for First Virtual Communications Click to Meet Express (when used with H.323 conferencing endpoints), Click to Meet Premier, Conference Server, and V-Gate allow remote attackers to cause a denial of service, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2003-0819

Source: MITRE
Type: CNA
CVE-2004-0054

Source: MITRE
Type: CNA
CVE-2004-0056

Source: MITRE
Type: CNA
CVE-2004-0097

Source: MITRE
Type: CNA
CVE-2004-0498

Source: MITRE
Type: CNA
CVE-2004-2629

Source: MITRE
Type: CNA
CVE-2004-2758

Source: CCN
Type: RHSA-2004-047
pwlib security update

Source: CCN
Type: RHSA-2004-048
Updated PWLib packages fix protocol security issues

Source: CCN
Type: SA10611
Microsoft ISA Server 2000 H.323 Protocol Filter Vulnerability

Source: CCN
Type: SA10665
SunForum H.323 Protocol Implementation Vulnerabilities

Source: CCN
Type: SA11192
First Virtual Communications Products H.323 Implementation Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
11192

Source: CCN
Type: SECTRACK ID: 1008685
Cisco IOS Routers Can Be Crashed With Malformed H.323 Packets

Source: CCN
Type: SECTRACK ID: 1008687
Nortel Business Communications Manager H.323 Flaws Let Remote Users Deny Service

Source: CCN
Type: SECTRACK ID: 1008698
Microsoft Internet Security and Acceleration Server H.323 Buffer Overflow Lets Remote Users Execute Arbitrary Code

Source: CCN
Type: SECTRACK ID: 1008749
SunForum H.323 Processing Bug May Let Remote Users Execute Arbitrary Code

Source: CCN
Type: Sun Alert ID: 57476
SunForum is Vulnerable to Issues Described in CERT Advisory CA-2004-01 Multiple H.323 Message

Source: CCN
Type: Sun Alert ID: 101429 (formerly 57476)
Security Vulnerability in SunForum Involving the H.323 Protocol

Source: CONFIRM
Type: UNKNOWN
http://support.fvc.com/eng/docs/misc_docs/H.323_Security_Bulletin.pdf

Source: CCN
Type: CERT Advisory CA-2004-01
Multiple H.323 Message Vulnerabilities

Source: CERT
Type: Third Party Advisory, US Government Resource
CA-2004-01

Source: CCN
Type: CIAC Information Bulletin O-050
Cisco Vulnerabilities in H.323 Message Processing

Source: CCN
Type: Cisco Systems Inc. Security Advisory, 2004 January 13 UTC 1200
Vulnerabilities in H.323 Message Processing

Source: DEBIAN
Type: DSA-448
pwlib -- several vulnerabilities

Source: CCN
Type: University of Oulu Web site
PROTOS Test-Suite: c07-h2250v4

Source: CCN
Type: GLSA-200404-11
Multiple Vulnerabilities in pwlib

Source: CCN
Type: US-CERT VU#749342
Multiple vulnerabilities in H.323 implementations

Source: CCN
Type: BID-9406
Multiple Vendor H.323 Protocol Implementation Vulnerabilities

Source: CCN
Type: BID-9408
Microsoft ISA Server 2000 H.323 Filter Remote Buffer Overflow Vulnerability

Source: CCN
Type: NISCC Vulnerability Advisory 006489/H323
Vulnerability Issues in Implementations of the H.323 Protocol

Source: CCN
Type: NISCC Vulnerability Advisory 060525/H323
An Update to the Vulnerability Issues in Implementations of the H.323 Protocol

Source: MISC
Type: UNKNOWN
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm

Source: CCN
Type: Internet Security Systems Security Alert, January 13, 2004
Multiple Vendor H.323 Implementation Vulnerabilities

Source: XF
Type: UNKNOWN
C07h2250v4-attacktool-malformed-packets(14173)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:first_virtual_communications:click_to_meet_express:h.323:*:*:*:*:*:*:*
  • OR cpe:/a:first_virtual_communications:click_to_meet_premier:h.323:*:*:*:*:*:*:*
  • OR cpe:/a:first_virtual_communications:conference_server:h.323:*:*:*:*:*:*:*
  • OR cpe:/a:first_virtual_communications:v-gate:h.323:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1t:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1e:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1ez:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2x:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0s:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0t:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2t:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ata-186:*:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:next_generation:*:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1ec:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2s:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.3t:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1aa:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1yj:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1xl:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1xm:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1yh:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1yi:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2bx:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2dd:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2dx:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2mc:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2mx:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2zj:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2zl:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2xq:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2xw:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:cisco:conference_connection:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:internet_service_node:*:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0xc:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0xd:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0xn:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0xq:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0xr:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0xt:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1xw:*:*:*:*:*:*:*
  • OR cpe:/a:nortel:business_communications_manager:*:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sunforum:3d_1.0:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2za:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1xg:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2yb:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2xs:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1yb:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0xg:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1xp:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1xt:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1xc:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_callmanager:3.3:*:*:*:*:*:*:*
  • OR cpe:/a:sun:sunforum:-:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.1::ppc:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2::amd64:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    first_virtual_communications click to meet express h.323
    first_virtual_communications click to meet premier h.323
    first_virtual_communications conference server h.323
    first_virtual_communications v-gate h.323
    hp hp-ux 11.00
    cisco ios 12.0
    cisco ios 12.1t
    cisco ios 12.1e
    cisco ios 12.1ez
    cisco ios 12.2x
    cisco ios 12.0s
    cisco ios 12.0t
    cisco ios 12.1
    cisco ios 12.2t
    cisco ios 12.2
    cisco ata-186 *
    debian debian linux 3.0
    checkpoint next generation *
    cisco ios 12.1ec
    cisco ios 12.2s
    cisco ios 11.3t
    cisco ios 12.1aa
    cisco ios 12.1yj
    cisco ios 12.1xl
    cisco ios 12.1xm
    cisco ios 12.1yh
    cisco ios 12.1yi
    cisco ios 12.2bx
    cisco ios 12.2dd
    cisco ios 12.2dx
    cisco ios 12.2mc
    cisco ios 12.2mx
    cisco ios 12.2zj
    cisco ios 12.2zl
    cisco ios 12.2xq
    cisco ios 12.2xw
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    cisco conference connection -
    cisco internet service node *
    cisco ios 12.0xc
    cisco ios 12.0xd
    cisco ios 12.0xn
    cisco ios 12.0xq
    cisco ios 12.0xr
    cisco ios 12.0xt
    cisco ios 12.1xw
    nortel business communications manager *
    sun sunforum 3d_1.0
    cisco ios 12.2za
    cisco ios 12.1xg
    cisco ios 12.2yb
    cisco ios 12.2xs
    cisco ios 12.1yb
    cisco ios 12.0xg
    cisco ios 12.1xp
    cisco ios 12.1xt
    cisco ios 12.1xc
    cisco unified callmanager 3.3
    sun sunforum -
    gentoo linux *
    mandrakesoft mandrake linux 9.1
    redhat linux 9.0
    mandrakesoft mandrake linux 9.2
    mandrakesoft mandrake linux 9.1
    mandrakesoft mandrake linux 9.2