Search criteria
11 vulnerabilities found for ata-186 by cisco
VAR-200208-0135
Vulnerability from variot - Updated: 2025-04-03 22:30The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters. The Cisco ATA-186 Analog Telephone Adapter is a hardware device designed to interface between analog telephones and Voice over IP (VoIP). It includes support for web based configuration. Under some circumstances, it may be possible to bypass the authentication required for this web interface. This may be done with a specially formatted change password request. Exploitation allows a remote attacker to reconfigure the vulnerable device. Reportedly, HTTP requests consisting of a single character will cause the device to disclose sensitive configuration information, including the password to the administrative web interface. By viewing the source code of the configuration tool screen page, it can be seen that there are no hidden parameters used to maintain the state, so you can trust the device usage type and HTTP input to determine whether configuration is allowed: For example: if three \"ChangeUIPasswd\" parameters without any value are provided to the system, the ATA-186 will display the login screen, similarly, if all three values of \"ChangeUIPasswd\" are provided, but one of the values does not match the password stored in the device, the login screen will appear again, if all provided correctly parameters, the device considers that the user has passed the authentication and provides configuration information. Interestingly, if only two \"ChangeUIPasswd\" parameters are passed, the device can also allow the user to configure
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200208-0135",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ata-186",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ata-186",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
}
],
"sources": [
{
"db": "BID",
"id": "4712"
},
{
"db": "BID",
"id": "4711"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-022"
},
{
"db": "NVD",
"id": "CVE-2002-0769"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Patrick Michael Kane \u003cpmk-bugtraq@wealsowalkdogs.com\u003e.",
"sources": [
{
"db": "BID",
"id": "4712"
},
{
"db": "BID",
"id": "4711"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0769",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-0769",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-5160",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-0769",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200208-022",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5160",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5160"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-022"
},
{
"db": "NVD",
"id": "CVE-2002-0769"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters. The Cisco ATA-186 Analog Telephone Adapter is a hardware device designed to interface between analog telephones and Voice over IP (VoIP). It includes support for web based configuration. \nUnder some circumstances, it may be possible to bypass the authentication required for this web interface. This may be done with a specially formatted change password request. Exploitation allows a remote attacker to reconfigure the vulnerable device. \nReportedly, HTTP requests consisting of a single character will cause the device to disclose sensitive configuration information, including the password to the administrative web interface. By viewing the source code of the configuration tool screen page, it can be seen that there are no hidden parameters used to maintain the state, so you can trust the device usage type and HTTP input to determine whether configuration is allowed: For example: if three \\\"ChangeUIPasswd\\\" parameters without any value are provided to the system, the ATA-186 will display the login screen, similarly, if all three values \u200b\u200bof \\\"ChangeUIPasswd\\\" are provided, but one of the values \u200b\u200bdoes not match the password stored in the device, the login screen will appear again, if all provided correctly parameters, the device considers that the user has passed the authentication and provides configuration information. Interestingly, if only two \\\"ChangeUIPasswd\\\" parameters are passed, the device can also allow the user to configure",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0769"
},
{
"db": "BID",
"id": "4712"
},
{
"db": "BID",
"id": "4711"
},
{
"db": "VULHUB",
"id": "VHN-5160"
}
],
"trust": 1.53
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-5160",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5160"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-0769",
"trust": 2.3
},
{
"db": "BID",
"id": "4711",
"trust": 2.0
},
{
"db": "BID",
"id": "4712",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200208-022",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20020523 ATA-186 PASSWORD DISCLOSURE VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020509 CISCO ATA-186 ADMIN PASSWORD CAN BE TRIVIALLY CIRCUMVENTED",
"trust": 0.6
},
{
"db": "XF",
"id": "9057",
"trust": 0.6
},
{
"db": "XF",
"id": "9056",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-75267",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "21441",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-5160",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5160"
},
{
"db": "BID",
"id": "4712"
},
{
"db": "BID",
"id": "4711"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-022"
},
{
"db": "NVD",
"id": "CVE-2002-0769"
}
]
},
"id": "VAR-200208-0135",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5160"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:30:55.434000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0769"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/4711"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/4712"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9057.php"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9056.php"
},
{
"trust": 0.6,
"url": "http://www.cisco.com/warp/public/cc/pd/as/180/186/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5160"
},
{
"db": "BID",
"id": "4712"
},
{
"db": "BID",
"id": "4711"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-022"
},
{
"db": "NVD",
"id": "CVE-2002-0769"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5160"
},
{
"db": "BID",
"id": "4712"
},
{
"db": "BID",
"id": "4711"
},
{
"db": "CNNVD",
"id": "CNNVD-200208-022"
},
{
"db": "NVD",
"id": "CVE-2002-0769"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-08-12T00:00:00",
"db": "VULHUB",
"id": "VHN-5160"
},
{
"date": "2002-05-09T00:00:00",
"db": "BID",
"id": "4712"
},
{
"date": "2002-05-09T00:00:00",
"db": "BID",
"id": "4711"
},
{
"date": "2002-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200208-022"
},
{
"date": "2002-08-12T04:00:00",
"db": "NVD",
"id": "CVE-2002-0769"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-5160"
},
{
"date": "2009-07-11T12:46:00",
"db": "BID",
"id": "4712"
},
{
"date": "2009-07-11T12:46:00",
"db": "BID",
"id": "4711"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200208-022"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-0769"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "4712"
},
{
"db": "BID",
"id": "4711"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ATA-186 WEB Management Interface Access Verification bypasses the vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200208-022"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200208-022"
}
],
"trust": 0.6
}
}
VAR-200402-0018
Vulnerability from variot - Updated: 2025-04-03 22:11Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocols H.323 and H.225. Voice over Internet Protocol (VoIP) and video conferencing equpiment and software can use these protocols to interoperate over a variety of computer networks. The majority of the vulnerabilities discovered are limited to denial of service impacts; however, several may allow unauthorized code execution. The implementation of the H.323 protocol contains multiple vulnerabilities. Remote attackers can use this vulnerability to conduct denial-of-service attacks on H.323-implemented devices and software, and may execute arbitrary instructions on the system with process privileges. The current investigation results are as follows: 3Com current supplier has no statement about this issue Alcatel current supplier has no statement about this issue Apple Computer Inc. Mac OS X and Mac OS X Server are not affected by this vulnerability AT&T Current supplier has no statement about this issue To make a statement Avaya can see NISCC Vulnerability Advisory 006489/H323:t http://www.uniras.gov.uk/vuls/2004/006489/h323.htm Borderware Current supplier has no statement on this issue Check Point Current supplier has no Statement on this issue BSDI The current supplier has no statement on this issue Cisco Systems Inc. -----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2004-01 Multiple H.323 Message Vulnerabilities
Original release date: January 13, 2004 Last revised: -- Source: CERT/CC, NISCC
A complete revision history can be found at the end of this file.
I. Description
The U.K. H.323 is an international standard protocol, published by the International Telecommunications Union, used to facilitate communication among telephony and multimedia systems. Examples of such systems include VoIP, video-conferencing equipment, and network devices that manage H.323 traffic. A test suite developed by NISCC and the University of Oulu Security Programming Group (OUSPG) has exposed multiple vulnerabilities in a variety of implementations of the H.323 protocol (specifically its connection setup sub-protocol H.225.0).
Information about individual vendor H.323 implementations is available in the Vendor Information section below, and in the Vendor Information section of NISCC Vulnerability Advisory 006489/H323.
The U.K. National Infrastructure Security Co-ordination Centre is tracking these vulnerabilities as NISCC/006489/H.323. The CERT/CC is tracking this issue as VU#749342. This reference number corresponds to CVE candidate CAN-2003-0819, as referenced in Microsoft Security Bulletin MS04-001.
II.
III. Solution
Apply a patch or upgrade
Appendix A and the Systems Affected section of Vulnerability Note VU#749342 contain information provided by vendors for this advisory (http://www.kb.cert.org/vuls/id/749342#systems).
However, as vendors report new information to the CERT/CC, we will only update VU#749342. If a particular vendor is not listed, we have not received their comments. Please contact your vendor directly.
Filter network traffic
Sites are encouraged to apply network packet filters to block access to the H.323 services at network borders. This can minimize the potential of denial-of-service attacks originating from outside the perimeter. The specific services that should be filtered include
* 1720/TCP
* 1720/UDP
If access cannot be filtered at the network perimeter, the CERT/CC recommends limiting access to only those external hosts that require H.323 for normal operation. As a general rule, filtering all types of network traffic that are not required for normal operation is recommended.
It is important to note that some firewalls process H.323 packets and may themselves be vulnerable to attack. As noted in some vendor recommendations like Cisco Security Advisory 20040113-h323 and Microsoft Security Bulletin MS04-001, certain sites may actually want to disable application layer inspection of H.323 network packets.
Protecting your infrastructure against these vulnerabilities may require careful coordination among application, computer, network, and telephony administrators. You may have to make tradeoffs between security and functionality until vulnerable products can be updated.
Appendix A. - Vendor Information
This appendix contains information provided by vendors for this advisory. Please see the Systems Affected section of Vulnerability Note VU#749342 and the Vendor Information section of NISCC Vulnerability Advisory 006489/H323 for the latest information regarding the response of the vendor community to this issue.
3Com
No statement is currently available from the vendor regarding this
vulnerability.
Alcatel
No statement is currently available from the vendor regarding this
vulnerability.
Apple Computer Inc.
Apple: Not Vulnerable. Mac OS X and Mac OS X Server do not contain
the issue described in this note.
AT&T
No statement is currently available from the vendor regarding this
vulnerability.
Avaya
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Borderware
No statement is currently available from the vendor regarding this
vulnerability.
Check Point
No statement is currently available from the vendor regarding this
vulnerability.
BSDI
No statement is currently available from the vendor regarding this
vulnerability.
Cisco Systems Inc.
Please see
http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml
Clavister
No statement is currently available from the vendor regarding this
vulnerability.
Computer Associates
No statement is currently available from the vendor regarding this
vulnerability.
Cyberguard
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Debian
No statement is currently available from the vendor regarding this
vulnerability.
D-Link Systems
No statement is currently available from the vendor regarding this
vulnerability.
Conectiva
No statement is currently available from the vendor regarding this
vulnerability.
EMC Corporation
No statement is currently available from the vendor regarding this
vulnerability.
Engarde
No statement is currently available from the vendor regarding this
vulnerability.
eSoft
We don't have an H.323 implementation and thus aren't affected by
this.
Extreme Networks
No statement is currently available from the vendor regarding this
vulnerability.
F5 Networks
No statement is currently available from the vendor regarding this
vulnerability.
Foundry Networks Inc.
No statement is currently available from the vendor regarding this
vulnerability.
FreeBSD
No statement is currently available from the vendor regarding this
vulnerability.
Fujitsu
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Global Technology Associates
No statement is currently available from the vendor regarding this
vulnerability.
Hitachi
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Hewlett-Packard Company
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Ingrian Networks
No statement is currently available from the vendor regarding this
vulnerability.
Intel
No statement is currently available from the vendor regarding this
vulnerability.
Intoto
No statement is currently available from the vendor regarding this
vulnerability.
Juniper Networks
No statement is currently available from the vendor regarding this
vulnerability.
Lachman
No statement is currently available from the vendor regarding this
vulnerability.
Linksys
No statement is currently available from the vendor regarding this
vulnerability.
Lotus Software
No statement is currently available from the vendor regarding this
vulnerability.
Lucent Technologies
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Microsoft Corporation
Please see
http://www.microsoft.com/technet/security/bulletin/MS04-001.asp
MontaVista Software
No statement is currently available from the vendor regarding this
vulnerability.
MandrakeSoft
No statement is currently available from the vendor regarding this
vulnerability.
Multi-Tech Systems Inc.
No statement is currently available from the vendor regarding this
vulnerability.
NEC Corporation
No statement is currently available from the vendor regarding this
vulnerability.
NetBSD
NetBSD does not ship any H.323 implementations as part of the
Operating System.
There are a number of third-party implementations available in the
pkgsrc system. As these products are found to be vulnerable, or
updated, the packages will be updated accordingly. The
audit-packages mechanism can be used to check for known-vulnerable
package versions.
Netfilter
No statement is currently available from the vendor regarding this
vulnerability.
NetScreen
No statement is currently available from the vendor regarding this
vulnerability.
Network Appliance
No statement is currently available from the vendor regarding this
vulnerability.
Nokia
No statement is currently available from the vendor regarding this
vulnerability.
Nortel Networks
The following Nortel Networks Generally Available products and
solutions are potentially affected by the vulnerabilities
identified in NISCC Vulnerability Advisory 006489/H323 and CERT
VU#749342:
Business Communications Manager (BCM) (all versions) is potentially
affected; more information is available in Product Advisory Alert
No. PAA 2003-0392-Global. PAA-2003-0465-Global.
For more information please contact
North America: 1-800-4NORTEL or 1-800-466-7835
Europe, Middle East and Africa: 00800 8008 9009,
or +44 (0) 870 907 9009
Contacts for other regions are available at
http://www.nortelnetworks.com/help/contact/global/
Or visit the eService portal at http://www.nortelnetworks.com/cs
under Advanced Search.
If you are a channel partner, more information can be found under
http://www.nortelnetworks.com/pic
under Advanced Search.
Novell
No statement is currently available from the vendor regarding this
vulnerability.
Objective Systems Inc.
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
OpenBSD
No statement is currently available from the vendor regarding this
vulnerability.
Openwall GNU/*/Linux
No statement is currently available from the vendor regarding this
vulnerability.
RadVision
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Red Hat Inc.
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Oracle Corporation
No statement is currently available from the vendor regarding this
vulnerability.
Riverstone Networks
No statement is currently available from the vendor regarding this
vulnerability.
Secure Computing Corporation
No statement is currently available from the vendor regarding this
vulnerability.
SecureWorks
No statement is currently available from the vendor regarding this
vulnerability.
Sequent
No statement is currently available from the vendor regarding this
vulnerability.
Sony Corporation
No statement is currently available from the vendor regarding this
vulnerability.
Stonesoft
No statement is currently available from the vendor regarding this
vulnerability.
Sun Microsystems Inc.
Sun SNMP does not provide support for H.323, so we are not
vulnerable. And so far we have not found any bundled products that
are affected by this vulnerability. We are also actively
investigating our unbundled products to see if they are affected.
Updates will be provided to this statement as they become
available.
SuSE Inc.
No statement is currently available from the vendor regarding this
vulnerability.
Symantec Corporation
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Unisys
No statement is currently available from the vendor regarding this
vulnerability.
TandBerg
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Tumbleweed Communications Corp.
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
TurboLinux
No statement is currently available from the vendor regarding this
vulnerability.
uniGone
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
WatchGuard
No statement is currently available from the vendor regarding this
vulnerability.
Wirex
No statement is currently available from the vendor regarding this
vulnerability.
Wind River Systems Inc.
No statement is currently available from the vendor regarding this
vulnerability.
Xerox
No statement is currently available from the vendor regarding this
vulnerability.
ZyXEL
No statement is currently available from the vendor regarding this
vulnerability.
_________________________________________________________________
The CERT Coordination Center thanks the NISCC Vulnerability Management Team and the University of Oulu Security Programming Group (OUSPG) for coordinating the discovery and release of the technical details of this issue. ___________
Feedback may be directed to the authors: Jeffrey S. Havrilla, Mindi J. McDowell, Shawn V. Hernan and Jason A. Rafail
This document is available from: http://www.cert.org/advisories/CA-2004-01.html
CERT/CC Contact Information
Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
Conditions for use, disclaimers, and sponsorship information
Copyright 2004 Carnegie Mellon University.
Revision History January 13, 2004: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBQASK7JZ2NNT/dVAVAQG65wP8C7DyEvZGz0HqXtRqk+PAjjpMqex1hdjT BfkT6oHMhTWIdvUE1mpAwnV7OPL+N+UugCC0bAEXQzBy/YkBBOptt7IZdIeOlInh AP0RO5zqt0GqMIrdW7P14iWBX2lLCQaMUgWNyvK4ZTNE9UzpOgBk2JonfBLjbH77 KeVgAqcfP2M= =p0GQ -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200402-0018",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios 12.0",
"scope": null,
"trust": 5.1,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s",
"scope": null,
"trust": 3.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1",
"scope": null,
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e",
"scope": null,
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t",
"scope": null,
"trust": 2.7,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s",
"scope": null,
"trust": 2.7,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2",
"scope": null,
"trust": 2.4,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s7",
"scope": null,
"trust": 1.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s1",
"scope": null,
"trust": 1.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s8",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2",
"scope": "ne",
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "802.11 wireless ip gateway",
"scope": null,
"trust": 1.4,
"vendor": "nortel",
"version": null
},
{
"model": "succession communication server 1000",
"scope": null,
"trust": 1.4,
"vendor": "nortel",
"version": null
},
{
"model": "business communications manager",
"scope": null,
"trust": 1.4,
"vendor": "nortel",
"version": null
},
{
"model": "ios 12.1 ec",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "802.11 wireless ip gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "succession communication server 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "business communications manager",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "ios 12.1 e8",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e3",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st6",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e12",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e7",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st1",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s2",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s6",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "polycom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "radvision",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tandberg",
"version": null
},
{
"model": "ios 12.0 st7",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s5a",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.1 aa",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xm4",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bx",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t3",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st2",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e4",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s5",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(22)"
},
{
"model": "opencall multiservice controller",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "ios 12.1 yh3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 [ vpn des strong ] sp2 build",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "++4.141716"
},
{
"model": "ios 12.2yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb14",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t1a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(1)"
},
{
"model": "ios 12.1 yf4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios 12.2 xa5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(7)"
},
{
"model": "pwlib",
"scope": "eq",
"trust": 0.3,
"vendor": "pwlib",
"version": "1.4.7"
},
{
"model": "ios 12.1 yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(27)"
},
{
"model": "ios 11.3ha",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(5)"
},
{
"model": "ios 12.1xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(20)"
},
{
"model": "isa server fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s8a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "isa server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2 t0a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3ma",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sxa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1x",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yz2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(13)"
},
{
"model": "ios 12.0 t1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications v-gate",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "4000"
},
{
"model": "ios 12.2 ya8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb15",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ec1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2 xh2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 11.3 t2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xi1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(14.5)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "ios 12.2 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netstructure host media processing software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "1.0"
},
{
"model": "ios 12.0xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sg5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "ios 12.1 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 mc1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ec",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios t",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.1"
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "2.2"
},
{
"model": "sg208",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "ios 12.1xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(11)"
},
{
"model": "ios 12.1xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ze",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(18.4)"
},
{
"model": "ios 12.2 sl1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sy1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(17)"
},
{
"model": "ios 12.1 e12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks succession",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
},
{
"model": "ios 12.2dd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0st",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s10",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "ios 12.2xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet premier",
"scope": null,
"trust": 0.3,
"vendor": "first",
"version": null
},
{
"model": "fedora core3",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "ios 12.1xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "2.0"
},
{
"model": "ios 12.2xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(17)"
},
{
"model": "ios 12.1xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yy3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xy6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xk2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(8)"
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xp4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e18",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "1.02"
},
{
"model": "point software next generation fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.3 t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1xv"
},
{
"model": "ios 12.1 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ez2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(8)"
},
{
"model": "pwlib-1.2.12-3.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "ios 12.2xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications conference server",
"scope": null,
"trust": 0.3,
"vendor": "first",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(7)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "ios 12.1xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(4)"
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 t10",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "ios 12.0 st4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netstructure pbx-ip media gateway",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios 12.0xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ez",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "1.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "ios 12.2 zh3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sg5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv3"
},
{
"model": "ios 12.1 yf2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fedora core1",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "pwlib",
"scope": "eq",
"trust": 0.3,
"vendor": "pwlib",
"version": "1.5.0"
},
{
"model": "point software firewall-1 [ vpn des strong ] build",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "++4.141439"
},
{
"model": "sunforum",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.2"
},
{
"model": "ios 12.1 e14",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software ng-ai",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(9)"
},
{
"model": "ios 12.2zd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.1 e16",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bts",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10200"
},
{
"model": "ios 12.2 mx1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e14",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ez1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp3 hf2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(12.05)"
},
{
"model": "ios 12.2yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(1)"
},
{
"model": "ios 12.1 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e13",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3wa4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yi1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yv",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xi2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2 t5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "ios 12.1 yb4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "sg5x",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "ios 12.2 t4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(28)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(3)"
},
{
"model": "ios 12.0 st5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3 db1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(3)"
},
{
"model": "ios 12.2 xd4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ios 12.2zg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xg5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.1"
},
{
"model": "ios 12.1 xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xl4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(1.1)"
},
{
"model": "netstructure ipt ip boards",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "internet service node",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3 xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(18.2)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "isa server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2 xd3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zj3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xu1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv"
},
{
"model": "ios 12.0 s2a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t10",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fedora core2",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "opencall multiservice controller patch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.137"
},
{
"model": "networks wireless ip gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "(802.11)"
},
{
"model": "ios 12.1yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv5"
},
{
"model": "sg203",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.31.29"
},
{
"model": "ios 12.2 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(4)"
},
{
"model": "ios 12.1xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3 db2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zj1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(17)"
},
{
"model": "point software nokia voyager",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ios 12.1 ec3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t12",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(3.2)"
},
{
"model": "ios 11.3da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios ed",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.1"
},
{
"model": "ios 12.2 zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3na",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zl1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 xh3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "ios 12.2xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zb7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sg5x",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.3"
},
{
"model": "ios 12.1xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.11"
},
{
"model": "ata-186",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios 12.2zj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.3.1"
},
{
"model": "ios 12.2 xm2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e10",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dd3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv4"
},
{
"model": "ios 12.1 xs2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp3",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2 yw2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t15",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "ios 12.2 xj1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yx1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks business communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "ios 12.1 xm7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zj2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications v-gate",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "5000"
},
{
"model": "ios 12.2yw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netstructure dmip ip boards",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "point software firewall-1 [ vpn des ]",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "+4.1"
},
{
"model": "opencall multiservice controller patch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.146"
},
{
"model": "ios 12.2 yw3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(26)"
},
{
"model": "conference connection",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "2.1"
},
{
"model": "ios 12.2 xb11",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pwlib-1.3.3-5.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "ios 12.2 xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(9)"
},
{
"model": "ios 12.2 zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp3 hf1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2 sx1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sunforum 3d",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0"
},
{
"model": "ios 12.2 xb3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000669"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-049"
},
{
"db": "NVD",
"id": "CVE-2004-0056"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "University of Oulu Security Programming Group",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200402-049"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0056",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0056",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-8486",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0056",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#749342",
"trust": 0.8,
"value": "13.67"
},
{
"author": "NVD",
"id": "CVE-2004-0056",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200402-049",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-8486",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "VULHUB",
"id": "VHN-8486"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000669"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-049"
},
{
"db": "NVD",
"id": "CVE-2004-0056"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocols H.323 and H.225. Voice over Internet Protocol (VoIP) and video conferencing equpiment and software can use these protocols to interoperate over a variety of computer networks. The majority of the vulnerabilities discovered are limited to denial of service impacts; however, several may allow unauthorized code execution. The implementation of the H.323 protocol contains multiple vulnerabilities. Remote attackers can use this vulnerability to conduct denial-of-service attacks on H.323-implemented devices and software, and may execute arbitrary instructions on the system with process privileges. The current investigation results are as follows: 3Com current supplier has no statement about this issue Alcatel current supplier has no statement about this issue Apple Computer Inc. Mac OS X and Mac OS X Server are not affected by this vulnerability AT\u0026T Current supplier has no statement about this issue To make a statement Avaya can see NISCC Vulnerability Advisory 006489/H323:t http://www.uniras.gov.uk/vuls/2004/006489/h323.htm Borderware Current supplier has no statement on this issue Check Point Current supplier has no Statement on this issue BSDI The current supplier has no statement on this issue Cisco Systems Inc. \n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Advisory CA-2004-01 Multiple H.323 Message Vulnerabilities\n\n Original release date: January 13, 2004\n Last revised: --\n Source: CERT/CC, NISCC\n\n A complete revision history can be found at the end of this file. \n\nI. Description\n\n The U.K. H.323 is\n an international standard protocol, published by the International\n Telecommunications Union, used to facilitate communication among\n telephony and multimedia systems. Examples of such systems include\n VoIP, video-conferencing equipment, and network devices that manage\n H.323 traffic. A test suite developed by NISCC and the University of\n Oulu Security Programming Group (OUSPG) has exposed multiple\n vulnerabilities in a variety of implementations of the H.323 protocol\n (specifically its connection setup sub-protocol H.225.0). \n\n Information about individual vendor H.323 implementations is available\n in the Vendor Information section below, and in the Vendor Information\n section of NISCC Vulnerability Advisory 006489/H323. \n\n The U.K. National Infrastructure Security Co-ordination Centre is\n tracking these vulnerabilities as NISCC/006489/H.323. The CERT/CC is\n tracking this issue as VU#749342. This reference number corresponds to\n CVE candidate CAN-2003-0819, as referenced in Microsoft Security\n Bulletin MS04-001. \n\nII. \n\nIII. Solution\n\nApply a patch or upgrade\n\n Appendix A and the Systems Affected section of Vulnerability Note\n VU#749342 contain information provided by vendors for this advisory\n (\u003chttp://www.kb.cert.org/vuls/id/749342#systems\u003e). \n\n However, as vendors report new information to the CERT/CC, we will\n only update VU#749342. If a particular vendor is not listed, we have\n not received their comments. Please contact your vendor directly. \n\nFilter network traffic\n\n Sites are encouraged to apply network packet filters to block access\n to the H.323 services at network borders. This can minimize the\n potential of denial-of-service attacks originating from outside the\n perimeter. The specific services that should be filtered include\n\n * 1720/TCP\n * 1720/UDP\n\n If access cannot be filtered at the network perimeter, the CERT/CC\n recommends limiting access to only those external hosts that require\n H.323 for normal operation. As a general rule, filtering all types of\n network traffic that are not required for normal operation is\n recommended. \n\n It is important to note that some firewalls process H.323 packets and\n may themselves be vulnerable to attack. As noted in some vendor\n recommendations like Cisco Security Advisory 20040113-h323 and\n Microsoft Security Bulletin MS04-001, certain sites may actually want\n to disable application layer inspection of H.323 network packets. \n\n Protecting your infrastructure against these vulnerabilities may\n require careful coordination among application, computer, network, and\n telephony administrators. You may have to make tradeoffs between\n security and functionality until vulnerable products can be updated. \n\nAppendix A. - Vendor Information\n\n This appendix contains information provided by vendors for this\n advisory. Please see the Systems Affected section of Vulnerability\n Note VU#749342 and the Vendor Information section of NISCC\n Vulnerability Advisory 006489/H323 for the latest information\n regarding the response of the vendor community to this issue. \n\n3Com\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nAlcatel\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nApple Computer Inc. \n\n Apple: Not Vulnerable. Mac OS X and Mac OS X Server do not contain\n the issue described in this note. \n\nAT\u0026T\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nAvaya\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nBorderware\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nCheck Point\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nBSDI\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nCisco Systems Inc. \n\n Please see\n http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml\n\nClavister\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nComputer Associates\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nCyberguard\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nDebian\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nD-Link Systems\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nConectiva\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nEMC Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nEngarde\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\neSoft\n\n We don\u0027t have an H.323 implementation and thus aren\u0027t affected by\n this. \n\nExtreme Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nF5 Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nFoundry Networks Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nFreeBSD\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nFujitsu\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nGlobal Technology Associates\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nHitachi\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nHewlett-Packard Company\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nIngrian Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nIntel\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nIntoto\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nJuniper Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLachman\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLinksys\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLotus Software\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLucent Technologies\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nMicrosoft Corporation\n\n Please see\n http://www.microsoft.com/technet/security/bulletin/MS04-001.asp\n\nMontaVista Software\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nMandrakeSoft\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nMulti-Tech Systems Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNEC Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNetBSD\n\n NetBSD does not ship any H.323 implementations as part of the\n Operating System. \n\n There are a number of third-party implementations available in the\n pkgsrc system. As these products are found to be vulnerable, or\n updated, the packages will be updated accordingly. The\n audit-packages mechanism can be used to check for known-vulnerable\n package versions. \n\nNetfilter\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNetScreen\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNetwork Appliance\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNokia\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNortel Networks\n\n The following Nortel Networks Generally Available products and\n solutions are potentially affected by the vulnerabilities\n identified in NISCC Vulnerability Advisory 006489/H323 and CERT\n VU#749342:\n\n Business Communications Manager (BCM) (all versions) is potentially\n affected; more information is available in Product Advisory Alert\n No. PAA 2003-0392-Global. PAA-2003-0465-Global. \n\n For more information please contact\n\n North America: 1-800-4NORTEL or 1-800-466-7835\n Europe, Middle East and Africa: 00800 8008 9009,\n or +44 (0) 870 907 9009\n\n Contacts for other regions are available at\n\n http://www.nortelnetworks.com/help/contact/global/\n\n Or visit the eService portal at http://www.nortelnetworks.com/cs\n under Advanced Search. \n\n If you are a channel partner, more information can be found under\n\n http://www.nortelnetworks.com/pic\n\n under Advanced Search. \n\nNovell\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nObjective Systems Inc. \n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nOpenBSD\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nOpenwall GNU/*/Linux\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nRadVision\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nRed Hat Inc. \n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nOracle Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nRiverstone Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSecure Computing Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSecureWorks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSequent\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSony Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nStonesoft\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSun Microsystems Inc. \n\n Sun SNMP does not provide support for H.323, so we are not\n vulnerable. And so far we have not found any bundled products that\n are affected by this vulnerability. We are also actively\n investigating our unbundled products to see if they are affected. \n Updates will be provided to this statement as they become\n available. \n\nSuSE Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSymantec Corporation\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nUnisys\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nTandBerg\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nTumbleweed Communications Corp. \n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nTurboLinux\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nuniGone\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nWatchGuard\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nWirex\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nWind River Systems Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nXerox\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nZyXEL\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n _________________________________________________________________\n\n The CERT Coordination Center thanks the NISCC Vulnerability Management\n Team and the University of Oulu Security Programming Group (OUSPG) for\n coordinating the discovery and release of the technical details of\n this issue. \n _________________________________________________________________\n\n Feedback may be directed to the authors: Jeffrey S. Havrilla, Mindi J. \n McDowell, Shawn V. Hernan and Jason A. Rafail\n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2004-01.html\n ______________________________________________________________________\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\nUsing encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\nGetting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n ______________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright 2004 Carnegie Mellon University. \n\n Revision History\nJanuary 13, 2004: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBQASK7JZ2NNT/dVAVAQG65wP8C7DyEvZGz0HqXtRqk+PAjjpMqex1hdjT\nBfkT6oHMhTWIdvUE1mpAwnV7OPL+N+UugCC0bAEXQzBy/YkBBOptt7IZdIeOlInh\nAP0RO5zqt0GqMIrdW7P14iWBX2lLCQaMUgWNyvK4ZTNE9UzpOgBk2JonfBLjbH77\nKeVgAqcfP2M=\n=p0GQ\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0056"
},
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000669"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "VULHUB",
"id": "VHN-8486"
},
{
"db": "PACKETSTORM",
"id": "32511"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0056",
"trust": 3.6
},
{
"db": "CERT/CC",
"id": "VU#749342",
"trust": 3.4
},
{
"db": "BID",
"id": "9406",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1008687",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000669",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200402-049",
"trust": 0.7
},
{
"db": "CERT/CC",
"id": "CA-2004-01",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-8486",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "32511",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "VULHUB",
"id": "VHN-8486"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000669"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-049"
},
{
"db": "NVD",
"id": "CVE-2004-0056"
}
]
},
"id": "VAR-200402-0018",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8486"
}
],
"trust": 0.55567543
},
"last_update_date": "2025-04-03T22:11:06.173000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "others (CWE-Other) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000669"
},
{
"db": "NVD",
"id": "CVE-2004-0056"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm"
},
{
"trust": 2.9,
"url": "http://www.cert.org/advisories/ca-2004-01.html"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/9406"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/749342"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1008687"
},
{
"trust": 0.8,
"url": "http://www.itu.int/itudoc/itu-t/rec/h/h225-0.html"
},
{
"trust": 0.8,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/h2250v4/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0056"
},
{
"trust": 0.4,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/alerts/h323.html"
},
{
"trust": 0.3,
"url": "http://support.fvc.com/eng/docs/misc_docs/h.323_security_bulletin.pdf"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/h323_hf.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101429-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://support.avaya.com/japple/css/japple?temp.groupid=128450\u0026temp.selectedfamily=128451\u0026temp.selectedproduct=154235\u0026temp.selectedbucket=126655\u0026temp.feedbackstate=askforfeedback\u0026temp.documentid=15871"
},
{
"trust": 0.1,
"url": "http://www.cert.org/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/749342#systems\u003e)."
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/bulletin/ms04-001.asp"
},
{
"trust": 0.1,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "http://www.nortelnetworks.com/help/contact/global/"
},
{
"trust": 0.1,
"url": "http://www.nortelnetworks.com/cs"
},
{
"trust": 0.1,
"url": "http://www.nortelnetworks.com/pic"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "VULHUB",
"id": "VHN-8486"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000669"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-049"
},
{
"db": "NVD",
"id": "CVE-2004-0056"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "VULHUB",
"id": "VHN-8486"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000669"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-049"
},
{
"db": "NVD",
"id": "CVE-2004-0056"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-01-13T00:00:00",
"db": "CERT/CC",
"id": "VU#749342"
},
{
"date": "2004-02-17T00:00:00",
"db": "VULHUB",
"id": "VHN-8486"
},
{
"date": "2004-01-13T00:00:00",
"db": "BID",
"id": "9406"
},
{
"date": "2024-05-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000669"
},
{
"date": "2004-01-14T18:44:00",
"db": "PACKETSTORM",
"id": "32511"
},
{
"date": "2004-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200402-049"
},
{
"date": "2004-02-17T05:00:00",
"db": "NVD",
"id": "CVE-2004-0056"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-07-29T00:00:00",
"db": "CERT/CC",
"id": "VU#749342"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-8486"
},
{
"date": "2007-11-15T00:39:00",
"db": "BID",
"id": "9406"
},
{
"date": "2024-05-23T03:47:00",
"db": "JVNDB",
"id": "JVNDB-2004-000669"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200402-049"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-0056"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200402-049"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in H.323 implementations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "9406"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-049"
}
],
"trust": 0.9
}
}
VAR-200402-0016
Vulnerability from variot - Updated: 2025-04-03 22:11Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocols H.323 and H.225. Voice over Internet Protocol (VoIP) and video conferencing equpiment and software can use these protocols to interoperate over a variety of computer networks. The majority of the vulnerabilities discovered are limited to denial of service impacts; however, several may allow unauthorized code execution. H.323 Support protocol Cisco IOS(IOS Software release 11.3T Or later ) At H.323 Insufficient handling of messages. According to the information provided by the vendor, H.323 Supported by protocol Cisco IOS In addition to software, some Cisco IOS Products other than software are also affected. Also, IOS NAT And IOS Firewall ( CBAC ) May be affected for systems that have) enabled. Check the information provided by the vendor for more information. In addition, H.323 Vulnerabilities related to this vulnerability have been confirmed in other systems that implement the protocol. Remote attackers can use this vulnerability to conduct denial-of-service attacks on H.323-implemented devices and software, and may execute arbitrary instructions on the system with process privileges. The current investigation results are as follows: 3Com current supplier has no statement about this issue Alcatel current supplier has no statement about this issue Apple Computer Inc. Mac OS X and Mac OS X Server are not affected by this vulnerability AT&T Current supplier has no statement about this issue To make a statement Avaya can see NISCC Vulnerability Advisory 006489/H323:t http://www.uniras.gov.uk/vuls/2004/006489/h323.htm Borderware Current supplier has no statement on this issue Check Point Current supplier has no Statement on this issue BSDI The current supplier has no statement on this issue Cisco Systems Inc. -----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2004-01 Multiple H.323 Message Vulnerabilities
Original release date: January 13, 2004 Last revised: -- Source: CERT/CC, NISCC
A complete revision history can be found at the end of this file.
I. Description
The U.K. H.323 is an international standard protocol, published by the International Telecommunications Union, used to facilitate communication among telephony and multimedia systems. Examples of such systems include VoIP, video-conferencing equipment, and network devices that manage H.323 traffic. A test suite developed by NISCC and the University of Oulu Security Programming Group (OUSPG) has exposed multiple vulnerabilities in a variety of implementations of the H.323 protocol (specifically its connection setup sub-protocol H.225.0).
The U.K. National Infrastructure Security Co-ordination Centre is tracking these vulnerabilities as NISCC/006489/H.323. The CERT/CC is tracking this issue as VU#749342. This reference number corresponds to CVE candidate CAN-2003-0819, as referenced in Microsoft Security Bulletin MS04-001.
II.
III. Solution
Apply a patch or upgrade
Appendix A and the Systems Affected section of Vulnerability Note VU#749342 contain information provided by vendors for this advisory (http://www.kb.cert.org/vuls/id/749342#systems).
However, as vendors report new information to the CERT/CC, we will only update VU#749342. If a particular vendor is not listed, we have not received their comments. Please contact your vendor directly.
Filter network traffic
Sites are encouraged to apply network packet filters to block access to the H.323 services at network borders. This can minimize the potential of denial-of-service attacks originating from outside the perimeter. The specific services that should be filtered include
* 1720/TCP
* 1720/UDP
If access cannot be filtered at the network perimeter, the CERT/CC recommends limiting access to only those external hosts that require H.323 for normal operation. As a general rule, filtering all types of network traffic that are not required for normal operation is recommended.
It is important to note that some firewalls process H.323 packets and may themselves be vulnerable to attack. As noted in some vendor recommendations like Cisco Security Advisory 20040113-h323 and Microsoft Security Bulletin MS04-001, certain sites may actually want to disable application layer inspection of H.323 network packets.
Protecting your infrastructure against these vulnerabilities may require careful coordination among application, computer, network, and telephony administrators. You may have to make tradeoffs between security and functionality until vulnerable products can be updated.
Appendix A. Please see the Systems Affected section of Vulnerability Note VU#749342 and the Vendor Information section of NISCC Vulnerability Advisory 006489/H323 for the latest information regarding the response of the vendor community to this issue.
3Com
No statement is currently available from the vendor regarding this
vulnerability.
Alcatel
No statement is currently available from the vendor regarding this
vulnerability.
Apple Computer Inc.
Apple: Not Vulnerable. Mac OS X and Mac OS X Server do not contain
the issue described in this note.
AT&T
No statement is currently available from the vendor regarding this
vulnerability.
Avaya
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Borderware
No statement is currently available from the vendor regarding this
vulnerability.
BSDI
No statement is currently available from the vendor regarding this
vulnerability.
Cisco Systems Inc.
Please see
http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml
Clavister
No statement is currently available from the vendor regarding this
vulnerability.
Computer Associates
No statement is currently available from the vendor regarding this
vulnerability.
Cyberguard
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Debian
No statement is currently available from the vendor regarding this
vulnerability.
D-Link Systems
No statement is currently available from the vendor regarding this
vulnerability.
Conectiva
No statement is currently available from the vendor regarding this
vulnerability.
EMC Corporation
No statement is currently available from the vendor regarding this
vulnerability.
Engarde
No statement is currently available from the vendor regarding this
vulnerability.
eSoft
We don't have an H.323 implementation and thus aren't affected by
this.
Extreme Networks
No statement is currently available from the vendor regarding this
vulnerability.
F5 Networks
No statement is currently available from the vendor regarding this
vulnerability.
Foundry Networks Inc.
No statement is currently available from the vendor regarding this
vulnerability.
FreeBSD
No statement is currently available from the vendor regarding this
vulnerability.
Fujitsu
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Global Technology Associates
No statement is currently available from the vendor regarding this
vulnerability.
Hitachi
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Hewlett-Packard Company
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Ingrian Networks
No statement is currently available from the vendor regarding this
vulnerability.
Intel
No statement is currently available from the vendor regarding this
vulnerability.
Intoto
No statement is currently available from the vendor regarding this
vulnerability.
Juniper Networks
No statement is currently available from the vendor regarding this
vulnerability.
Lachman
No statement is currently available from the vendor regarding this
vulnerability.
Linksys
No statement is currently available from the vendor regarding this
vulnerability.
Lotus Software
No statement is currently available from the vendor regarding this
vulnerability.
Lucent Technologies
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Microsoft Corporation
Please see
http://www.microsoft.com/technet/security/bulletin/MS04-001.asp
MontaVista Software
No statement is currently available from the vendor regarding this
vulnerability.
MandrakeSoft
No statement is currently available from the vendor regarding this
vulnerability.
Multi-Tech Systems Inc.
No statement is currently available from the vendor regarding this
vulnerability.
NEC Corporation
No statement is currently available from the vendor regarding this
vulnerability.
NetBSD
NetBSD does not ship any H.323 implementations as part of the
Operating System.
There are a number of third-party implementations available in the
pkgsrc system. As these products are found to be vulnerable, or
updated, the packages will be updated accordingly. The
audit-packages mechanism can be used to check for known-vulnerable
package versions.
Netfilter
No statement is currently available from the vendor regarding this
vulnerability.
NetScreen
No statement is currently available from the vendor regarding this
vulnerability.
Network Appliance
No statement is currently available from the vendor regarding this
vulnerability.
Nokia
No statement is currently available from the vendor regarding this
vulnerability.
Nortel Networks
The following Nortel Networks Generally Available products and
solutions are potentially affected by the vulnerabilities
identified in NISCC Vulnerability Advisory 006489/H323 and CERT
VU#749342:
Business Communications Manager (BCM) (all versions) is potentially
affected; more information is available in Product Advisory Alert
No. PAA 2003-0392-Global.
Succession 1000 IP Trunk and IP Peer Networking, and 802.11
Wireless IP Gateway are potentially affected; more information is
available in Product Advisory Alert No. PAA-2003-0465-Global.
For more information please contact
North America: 1-800-4NORTEL or 1-800-466-7835
Europe, Middle East and Africa: 00800 8008 9009,
or +44 (0) 870 907 9009
Contacts for other regions are available at
http://www.nortelnetworks.com/help/contact/global/
Or visit the eService portal at http://www.nortelnetworks.com/cs
under Advanced Search.
If you are a channel partner, more information can be found under
http://www.nortelnetworks.com/pic
under Advanced Search.
Novell
No statement is currently available from the vendor regarding this
vulnerability.
Objective Systems Inc.
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
OpenBSD
No statement is currently available from the vendor regarding this
vulnerability.
Openwall GNU/*/Linux
No statement is currently available from the vendor regarding this
vulnerability.
RadVision
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Red Hat Inc.
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Oracle Corporation
No statement is currently available from the vendor regarding this
vulnerability.
Riverstone Networks
No statement is currently available from the vendor regarding this
vulnerability.
Secure Computing Corporation
No statement is currently available from the vendor regarding this
vulnerability.
SecureWorks
No statement is currently available from the vendor regarding this
vulnerability.
Sequent
No statement is currently available from the vendor regarding this
vulnerability.
Sony Corporation
No statement is currently available from the vendor regarding this
vulnerability.
Stonesoft
No statement is currently available from the vendor regarding this
vulnerability.
Sun Microsystems Inc.
Sun SNMP does not provide support for H.323, so we are not
vulnerable. And so far we have not found any bundled products that
are affected by this vulnerability. We are also actively
investigating our unbundled products to see if they are affected.
Updates will be provided to this statement as they become
available.
SuSE Inc.
No statement is currently available from the vendor regarding this
vulnerability.
Symantec Corporation
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Unisys
No statement is currently available from the vendor regarding this
vulnerability.
TandBerg
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Tumbleweed Communications Corp.
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
TurboLinux
No statement is currently available from the vendor regarding this
vulnerability.
uniGone
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
WatchGuard
No statement is currently available from the vendor regarding this
vulnerability.
Wirex
No statement is currently available from the vendor regarding this
vulnerability.
Wind River Systems Inc.
No statement is currently available from the vendor regarding this
vulnerability.
Xerox
No statement is currently available from the vendor regarding this
vulnerability.
ZyXEL
No statement is currently available from the vendor regarding this
vulnerability.
_________________________________________________________________
The CERT Coordination Center thanks the NISCC Vulnerability Management Team and the University of Oulu Security Programming Group (OUSPG) for coordinating the discovery and release of the technical details of this issue. ___________
Feedback may be directed to the authors: Jeffrey S. Havrilla, Mindi J. McDowell, Shawn V. Hernan and Jason A. Rafail
This document is available from: http://www.cert.org/advisories/CA-2004-01.html
CERT/CC Contact Information
Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
Conditions for use, disclaimers, and sponsorship information
Copyright 2004 Carnegie Mellon University.
Revision History January 13, 2004: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBQASK7JZ2NNT/dVAVAQG65wP8C7DyEvZGz0HqXtRqk+PAjjpMqex1hdjT BfkT6oHMhTWIdvUE1mpAwnV7OPL+N+UugCC0bAEXQzBy/YkBBOptt7IZdIeOlInh AP0RO5zqt0GqMIrdW7P14iWBX2lLCQaMUgWNyvK4ZTNE9UzpOgBk2JonfBLjbH77 KeVgAqcfP2M= =p0GQ -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200402-0016",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios 12.0",
"scope": null,
"trust": 5.1,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s",
"scope": null,
"trust": 3.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1",
"scope": null,
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e",
"scope": null,
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t",
"scope": null,
"trust": 2.7,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 2.7,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios 12.2 s",
"scope": null,
"trust": 2.7,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 2.7,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 2.7,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios 12.2",
"scope": null,
"trust": 2.4,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s7",
"scope": null,
"trust": 1.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s1",
"scope": null,
"trust": 1.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2s"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.1e"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "11.3t"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.0t"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2t"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.0s"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.1t"
},
{
"model": "ios 12.0 s8",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2",
"scope": "ne",
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ec",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "internet service node",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "conference connection",
"scope": null,
"trust": 1.1,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e3",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st6",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e12",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e7",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st1",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s2",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s6",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "polycom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "radvision",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tandberg",
"version": null
},
{
"model": "ata 180 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "( version 2.16.1 previous h.323/sip load if you have introduced )"
},
{
"model": "bts 10200 softswitch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "lte",
"trust": 0.8,
"vendor": "cisco",
"version": "version 3.0 from 3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "ip phone 7900 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7905g h.323 software version 1.00"
},
{
"model": "ios 12.0 st7",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s5a",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.1 aa",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xm4",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bx",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t3",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st2",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e4",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s5",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(22)"
},
{
"model": "opencall multiservice controller",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "ios 12.1 yh3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 [ vpn des strong ] sp2 build",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "++4.141716"
},
{
"model": "ios 12.2yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb14",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t1a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(1)"
},
{
"model": "ios 12.1 yf4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(7)"
},
{
"model": "pwlib",
"scope": "eq",
"trust": 0.3,
"vendor": "pwlib",
"version": "1.4.7"
},
{
"model": "ios 12.1 yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(27)"
},
{
"model": "ios 11.3ha",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(5)"
},
{
"model": "ios 12.1xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(20)"
},
{
"model": "isa server fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s8a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "isa server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2 t0a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3ma",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sxa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1x",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yz2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(13)"
},
{
"model": "ios 12.0 t1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications v-gate",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "4000"
},
{
"model": "ios 12.2 ya8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb15",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ec1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2 xh2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 11.3 t2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xi1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(14.5)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "ios 12.2 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netstructure host media processing software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "1.0"
},
{
"model": "ios 12.0xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sg5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "ios 12.1 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 mc1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ec",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios t",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.1"
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "2.2"
},
{
"model": "sg208",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "ios 12.1xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(11)"
},
{
"model": "ios 12.1xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ze",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(18.4)"
},
{
"model": "ios 12.2 sl1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sy1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(17)"
},
{
"model": "ios 12.1 e12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks succession",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
},
{
"model": "ios 12.2dd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0st",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s10",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "ios 12.2xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet premier",
"scope": null,
"trust": 0.3,
"vendor": "first",
"version": null
},
{
"model": "fedora core3",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "ios 12.1xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "2.0"
},
{
"model": "ios 12.2xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(17)"
},
{
"model": "ios 12.1xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yy3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xy6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xk2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(8)"
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xp4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e18",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "1.02"
},
{
"model": "point software next generation fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.3 t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1xv"
},
{
"model": "ios 12.1 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ez2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(8)"
},
{
"model": "pwlib-1.2.12-3.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "ios 12.2xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications conference server",
"scope": null,
"trust": 0.3,
"vendor": "first",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(7)"
},
{
"model": "ios 12.1xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(4)"
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 t10",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "ios 12.0 st4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netstructure pbx-ip media gateway",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios 12.0xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ez",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "1.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "ios 12.2 zh3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sg5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv3"
},
{
"model": "ios 12.1 yf2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fedora core1",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "pwlib",
"scope": "eq",
"trust": 0.3,
"vendor": "pwlib",
"version": "1.5.0"
},
{
"model": "point software firewall-1 [ vpn des strong ] build",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "++4.141439"
},
{
"model": "sunforum",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.2"
},
{
"model": "ios 12.1 e14",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software ng-ai",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(9)"
},
{
"model": "ios 12.2zd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.1 e16",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bts",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10200"
},
{
"model": "ios 12.2 mx1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e14",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ez1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp3 hf2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(12.05)"
},
{
"model": "ios 12.2yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(1)"
},
{
"model": "ios 12.1 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e13",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3wa4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yi1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yv",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xi2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2 t5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "sg5x",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "ios 12.2 t4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(28)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(3)"
},
{
"model": "ios 12.0 st5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3 db1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(3)"
},
{
"model": "ios 12.2 xd4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ios 12.2zg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xg5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.1"
},
{
"model": "ios 12.1 xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xl4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(1.1)"
},
{
"model": "netstructure ipt ip boards",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3 xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(18.2)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "isa server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2 xd3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zj3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xu1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv"
},
{
"model": "ios 12.0 s2a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t10",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fedora core2",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "opencall multiservice controller patch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.137"
},
{
"model": "networks wireless ip gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "(802.11)"
},
{
"model": "ios 12.1yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv5"
},
{
"model": "sg203",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.31.29"
},
{
"model": "ios 12.2 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(4)"
},
{
"model": "ios 12.1xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3 db2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zj1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(17)"
},
{
"model": "point software nokia voyager",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ios 12.1 ec3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t12",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(3.2)"
},
{
"model": "ios 11.3da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios ed",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.1"
},
{
"model": "ios 12.2 zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3na",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zl1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 xh3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "ios 12.2xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zb7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sg5x",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.3"
},
{
"model": "ios 12.1xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.11"
},
{
"model": "ata-186",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.3.1"
},
{
"model": "ios 12.2 xm2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e10",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dd3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv4"
},
{
"model": "ios 12.1 xs2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp3",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2 yw2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t15",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "ios 12.2 xj1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yx1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks business communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "ios 12.1 xm7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zj2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications v-gate",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "5000"
},
{
"model": "ios 12.2yw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netstructure dmip ip boards",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "point software firewall-1 [ vpn des ]",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "+4.1"
},
{
"model": "opencall multiservice controller patch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.146"
},
{
"model": "ios 12.2 yw3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(26)"
},
{
"model": "ios 12.0xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "2.1"
},
{
"model": "ios 12.2 xb11",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pwlib-1.3.3-5.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "ios 12.2 xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(9)"
},
{
"model": "ios 12.2 zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp3 hf1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2 sx1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sunforum 3d",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0"
},
{
"model": "ios 12.2 xb3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000011"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-062"
},
{
"db": "NVD",
"id": "CVE-2004-0054"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:ata-180",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:bts_softswitch_10200",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:call_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:conference_connection",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:internet_service_node",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:ip_phone_7900",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000011"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "University of Oulu Security Programming Group",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200402-062"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0054",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0054",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-8484",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0054",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#749342",
"trust": 0.8,
"value": "13.67"
},
{
"author": "NVD",
"id": "CVE-2004-0054",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200402-062",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-8484",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "VULHUB",
"id": "VHN-8484"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000011"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-062"
},
{
"db": "NVD",
"id": "CVE-2004-0054"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocols H.323 and H.225. Voice over Internet Protocol (VoIP) and video conferencing equpiment and software can use these protocols to interoperate over a variety of computer networks. The majority of the vulnerabilities discovered are limited to denial of service impacts; however, several may allow unauthorized code execution. H.323 Support protocol Cisco IOS(IOS Software release 11.3T Or later ) At H.323 Insufficient handling of messages. According to the information provided by the vendor, H.323 Supported by protocol Cisco IOS In addition to software, some Cisco IOS Products other than software are also affected. Also, IOS NAT And IOS Firewall ( CBAC ) May be affected for systems that have) enabled. Check the information provided by the vendor for more information. In addition, H.323 Vulnerabilities related to this vulnerability have been confirmed in other systems that implement the protocol. Remote attackers can use this vulnerability to conduct denial-of-service attacks on H.323-implemented devices and software, and may execute arbitrary instructions on the system with process privileges. The current investigation results are as follows: 3Com current supplier has no statement about this issue Alcatel current supplier has no statement about this issue Apple Computer Inc. Mac OS X and Mac OS X Server are not affected by this vulnerability AT\u0026T Current supplier has no statement about this issue To make a statement Avaya can see NISCC Vulnerability Advisory 006489/H323:t http://www.uniras.gov.uk/vuls/2004/006489/h323.htm Borderware Current supplier has no statement on this issue Check Point Current supplier has no Statement on this issue BSDI The current supplier has no statement on this issue Cisco Systems Inc. \n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Advisory CA-2004-01 Multiple H.323 Message Vulnerabilities\n\n Original release date: January 13, 2004\n Last revised: --\n Source: CERT/CC, NISCC\n\n A complete revision history can be found at the end of this file. \n\nI. Description\n\n The U.K. H.323 is\n an international standard protocol, published by the International\n Telecommunications Union, used to facilitate communication among\n telephony and multimedia systems. Examples of such systems include\n VoIP, video-conferencing equipment, and network devices that manage\n H.323 traffic. A test suite developed by NISCC and the University of\n Oulu Security Programming Group (OUSPG) has exposed multiple\n vulnerabilities in a variety of implementations of the H.323 protocol\n (specifically its connection setup sub-protocol H.225.0). \n\n The U.K. National Infrastructure Security Co-ordination Centre is\n tracking these vulnerabilities as NISCC/006489/H.323. The CERT/CC is\n tracking this issue as VU#749342. This reference number corresponds to\n CVE candidate CAN-2003-0819, as referenced in Microsoft Security\n Bulletin MS04-001. \n\nII. \n\nIII. Solution\n\nApply a patch or upgrade\n\n Appendix A and the Systems Affected section of Vulnerability Note\n VU#749342 contain information provided by vendors for this advisory\n (\u003chttp://www.kb.cert.org/vuls/id/749342#systems\u003e). \n\n However, as vendors report new information to the CERT/CC, we will\n only update VU#749342. If a particular vendor is not listed, we have\n not received their comments. Please contact your vendor directly. \n\nFilter network traffic\n\n Sites are encouraged to apply network packet filters to block access\n to the H.323 services at network borders. This can minimize the\n potential of denial-of-service attacks originating from outside the\n perimeter. The specific services that should be filtered include\n\n * 1720/TCP\n * 1720/UDP\n\n If access cannot be filtered at the network perimeter, the CERT/CC\n recommends limiting access to only those external hosts that require\n H.323 for normal operation. As a general rule, filtering all types of\n network traffic that are not required for normal operation is\n recommended. \n\n It is important to note that some firewalls process H.323 packets and\n may themselves be vulnerable to attack. As noted in some vendor\n recommendations like Cisco Security Advisory 20040113-h323 and\n Microsoft Security Bulletin MS04-001, certain sites may actually want\n to disable application layer inspection of H.323 network packets. \n\n Protecting your infrastructure against these vulnerabilities may\n require careful coordination among application, computer, network, and\n telephony administrators. You may have to make tradeoffs between\n security and functionality until vulnerable products can be updated. \n\nAppendix A. Please see the Systems Affected section of Vulnerability\n Note VU#749342 and the Vendor Information section of NISCC\n Vulnerability Advisory 006489/H323 for the latest information\n regarding the response of the vendor community to this issue. \n\n3Com\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nAlcatel\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nApple Computer Inc. \n\n Apple: Not Vulnerable. Mac OS X and Mac OS X Server do not contain\n the issue described in this note. \n\nAT\u0026T\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nAvaya\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nBorderware\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nBSDI\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nCisco Systems Inc. \n\n Please see\n http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml\n\nClavister\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nComputer Associates\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nCyberguard\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nDebian\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nD-Link Systems\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nConectiva\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nEMC Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nEngarde\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\neSoft\n\n We don\u0027t have an H.323 implementation and thus aren\u0027t affected by\n this. \n\nExtreme Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nF5 Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nFoundry Networks Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nFreeBSD\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nFujitsu\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nGlobal Technology Associates\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nHitachi\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nHewlett-Packard Company\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nIngrian Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nIntel\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nIntoto\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nJuniper Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLachman\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLinksys\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLotus Software\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLucent Technologies\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nMicrosoft Corporation\n\n Please see\n http://www.microsoft.com/technet/security/bulletin/MS04-001.asp\n\nMontaVista Software\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nMandrakeSoft\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nMulti-Tech Systems Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNEC Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNetBSD\n\n NetBSD does not ship any H.323 implementations as part of the\n Operating System. \n\n There are a number of third-party implementations available in the\n pkgsrc system. As these products are found to be vulnerable, or\n updated, the packages will be updated accordingly. The\n audit-packages mechanism can be used to check for known-vulnerable\n package versions. \n\nNetfilter\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNetScreen\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNetwork Appliance\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNokia\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNortel Networks\n\n The following Nortel Networks Generally Available products and\n solutions are potentially affected by the vulnerabilities\n identified in NISCC Vulnerability Advisory 006489/H323 and CERT\n VU#749342:\n\n Business Communications Manager (BCM) (all versions) is potentially\n affected; more information is available in Product Advisory Alert\n No. PAA 2003-0392-Global. \n\n Succession 1000 IP Trunk and IP Peer Networking, and 802.11\n Wireless IP Gateway are potentially affected; more information is\n available in Product Advisory Alert No. PAA-2003-0465-Global. \n\n For more information please contact\n\n North America: 1-800-4NORTEL or 1-800-466-7835\n Europe, Middle East and Africa: 00800 8008 9009,\n or +44 (0) 870 907 9009\n\n Contacts for other regions are available at\n\n http://www.nortelnetworks.com/help/contact/global/\n\n Or visit the eService portal at http://www.nortelnetworks.com/cs\n under Advanced Search. \n\n If you are a channel partner, more information can be found under\n\n http://www.nortelnetworks.com/pic\n\n under Advanced Search. \n\nNovell\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nObjective Systems Inc. \n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nOpenBSD\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nOpenwall GNU/*/Linux\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nRadVision\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nRed Hat Inc. \n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nOracle Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nRiverstone Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSecure Computing Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSecureWorks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSequent\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSony Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nStonesoft\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSun Microsystems Inc. \n\n Sun SNMP does not provide support for H.323, so we are not\n vulnerable. And so far we have not found any bundled products that\n are affected by this vulnerability. We are also actively\n investigating our unbundled products to see if they are affected. \n Updates will be provided to this statement as they become\n available. \n\nSuSE Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSymantec Corporation\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nUnisys\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nTandBerg\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nTumbleweed Communications Corp. \n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nTurboLinux\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nuniGone\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nWatchGuard\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nWirex\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nWind River Systems Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nXerox\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nZyXEL\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n _________________________________________________________________\n\n The CERT Coordination Center thanks the NISCC Vulnerability Management\n Team and the University of Oulu Security Programming Group (OUSPG) for\n coordinating the discovery and release of the technical details of\n this issue. \n _________________________________________________________________\n\n Feedback may be directed to the authors: Jeffrey S. Havrilla, Mindi J. \n McDowell, Shawn V. Hernan and Jason A. Rafail\n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2004-01.html\n ______________________________________________________________________\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\nUsing encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\nGetting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n ______________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright 2004 Carnegie Mellon University. \n\n Revision History\nJanuary 13, 2004: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBQASK7JZ2NNT/dVAVAQG65wP8C7DyEvZGz0HqXtRqk+PAjjpMqex1hdjT\nBfkT6oHMhTWIdvUE1mpAwnV7OPL+N+UugCC0bAEXQzBy/YkBBOptt7IZdIeOlInh\nAP0RO5zqt0GqMIrdW7P14iWBX2lLCQaMUgWNyvK4ZTNE9UzpOgBk2JonfBLjbH77\nKeVgAqcfP2M=\n=p0GQ\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0054"
},
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000011"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "VULHUB",
"id": "VHN-8484"
},
{
"db": "PACKETSTORM",
"id": "32511"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#749342",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2004-0054",
"trust": 2.8
},
{
"db": "BID",
"id": "9406",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1008685",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "10869",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1008846",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000011",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200402-062",
"trust": 0.7
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:4884",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2004-01",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20040113 VULNERABILITIES IN H.323 MESSAGE PROCESSING",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-8484",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "32511",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "VULHUB",
"id": "VHN-8484"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000011"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-062"
},
{
"db": "NVD",
"id": "CVE-2004-0054"
}
]
},
"id": "VAR-200402-0016",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8484"
}
],
"trust": 0.55567543
},
"last_update_date": "2025-04-03T22:11:06.131000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20040113-h323",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml"
},
{
"title": "cisco-sa-20040113-h323",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20040113-h323-Japan.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000011"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0054"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm"
},
{
"trust": 2.9,
"url": "http://www.cert.org/advisories/ca-2004-01.html"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/9406"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/749342"
},
{
"trust": 2.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1008685"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a4884"
},
{
"trust": 0.8,
"url": "http://www.itu.int/itudoc/itu-t/rec/h/h225-0.html"
},
{
"trust": 0.8,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/h2250v4/index.html"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/o-050.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0054"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20040113-00387.xml"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr040301.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr040501.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr040901.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2004-01"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-006489/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2004-01/"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0054"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20040113-00387.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/10869/"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2004/jan/1008846.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20040114_112014.html"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:4884"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/alerts/h323.html"
},
{
"trust": 0.3,
"url": "http://support.fvc.com/eng/docs/misc_docs/h.323_security_bulletin.pdf"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/h323_hf.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101429-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://support.avaya.com/japple/css/japple?temp.groupid=128450\u0026temp.selectedfamily=128451\u0026temp.selectedproduct=154235\u0026temp.selectedbucket=126655\u0026temp.feedbackstate=askforfeedback\u0026temp.documentid=15871"
},
{
"trust": 0.1,
"url": "http://www.cert.org/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/749342#systems\u003e)."
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/bulletin/ms04-001.asp"
},
{
"trust": 0.1,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "http://www.nortelnetworks.com/help/contact/global/"
},
{
"trust": 0.1,
"url": "http://www.nortelnetworks.com/cs"
},
{
"trust": 0.1,
"url": "http://www.nortelnetworks.com/pic"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "VULHUB",
"id": "VHN-8484"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000011"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-062"
},
{
"db": "NVD",
"id": "CVE-2004-0054"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "VULHUB",
"id": "VHN-8484"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000011"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-062"
},
{
"db": "NVD",
"id": "CVE-2004-0054"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-01-13T00:00:00",
"db": "CERT/CC",
"id": "VU#749342"
},
{
"date": "2004-02-17T00:00:00",
"db": "VULHUB",
"id": "VHN-8484"
},
{
"date": "2004-01-13T00:00:00",
"db": "BID",
"id": "9406"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000011"
},
{
"date": "2004-01-14T18:44:00",
"db": "PACKETSTORM",
"id": "32511"
},
{
"date": "2004-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200402-062"
},
{
"date": "2004-02-17T05:00:00",
"db": "NVD",
"id": "CVE-2004-0054"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-07-29T00:00:00",
"db": "CERT/CC",
"id": "VU#749342"
},
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-8484"
},
{
"date": "2007-11-15T00:39:00",
"db": "BID",
"id": "9406"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000011"
},
{
"date": "2009-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200402-062"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-0054"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200402-062"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in H.323 implementations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "9406"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-062"
}
],
"trust": 0.9
}
}
VAR-200402-0049
Vulnerability from variot - Updated: 2025-04-03 22:11Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocols H.323 and H.225. Voice over Internet Protocol (VoIP) and video conferencing equpiment and software can use these protocols to interoperate over a variety of computer networks. The majority of the vulnerabilities discovered are limited to denial of service impacts; however, several may allow unauthorized code execution. Microsoft ISA Server Is operating in cache mode, Microsoft Firewall Service Is disabled by default and is not affected by this issue. In addition, H.323 Vulnerabilities related to this vulnerability have been confirmed in other systems that implement the protocol. For other system information, NISCC-006489 (JVN) , NISCC Advisory 006489/h323(CPNI Advisory 00387) Please check also. Caution: Of this vulnerability CVSS The basic value is " Microsoft ISA Server " Is calculated for. Other systems are not considered.According to the information provided by Microsoft, Microsoft ISA Server Is specific H.323 If traffic is handled, arbitrary code may be executed. Also, H.323 Service disruption for other systems that implement the protocol (DoS) An attacker may be attacked or a third party may be able to execute arbitrary code remotely. The condition presents itself due to insufficient boundary checks performed by the Microsoft Firewall Service on specially crafted H.323 traffic. This may lead to complete control of the vulnerable system. -----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2004-01 Multiple H.323 Message Vulnerabilities
Original release date: January 13, 2004 Last revised: -- Source: CERT/CC, NISCC
A complete revision history can be found at the end of this file.
I. Description
The U.K. H.323 is an international standard protocol, published by the International Telecommunications Union, used to facilitate communication among telephony and multimedia systems. Examples of such systems include VoIP, video-conferencing equipment, and network devices that manage H.323 traffic. A test suite developed by NISCC and the University of Oulu Security Programming Group (OUSPG) has exposed multiple vulnerabilities in a variety of implementations of the H.323 protocol (specifically its connection setup sub-protocol H.225.0).
Information about individual vendor H.323 implementations is available in the Vendor Information section below, and in the Vendor Information section of NISCC Vulnerability Advisory 006489/H323.
The U.K. National Infrastructure Security Co-ordination Centre is tracking these vulnerabilities as NISCC/006489/H.323. The CERT/CC is tracking this issue as VU#749342. This reference number corresponds to CVE candidate CAN-2003-0819, as referenced in Microsoft Security Bulletin MS04-001.
II.
III. Solution
Apply a patch or upgrade
Appendix A and the Systems Affected section of Vulnerability Note VU#749342 contain information provided by vendors for this advisory (http://www.kb.cert.org/vuls/id/749342#systems).
However, as vendors report new information to the CERT/CC, we will only update VU#749342. If a particular vendor is not listed, we have not received their comments. Please contact your vendor directly.
Filter network traffic
Sites are encouraged to apply network packet filters to block access to the H.323 services at network borders. This can minimize the potential of denial-of-service attacks originating from outside the perimeter. The specific services that should be filtered include
* 1720/TCP
* 1720/UDP
If access cannot be filtered at the network perimeter, the CERT/CC recommends limiting access to only those external hosts that require H.323 for normal operation. As a general rule, filtering all types of network traffic that are not required for normal operation is recommended.
It is important to note that some firewalls process H.323 packets and may themselves be vulnerable to attack. As noted in some vendor recommendations like Cisco Security Advisory 20040113-h323 and Microsoft Security Bulletin MS04-001, certain sites may actually want to disable application layer inspection of H.323 network packets.
Protecting your infrastructure against these vulnerabilities may require careful coordination among application, computer, network, and telephony administrators. You may have to make tradeoffs between security and functionality until vulnerable products can be updated.
Appendix A. Please see the Systems Affected section of Vulnerability Note VU#749342 and the Vendor Information section of NISCC Vulnerability Advisory 006489/H323 for the latest information regarding the response of the vendor community to this issue.
3Com
No statement is currently available from the vendor regarding this
vulnerability.
Alcatel
No statement is currently available from the vendor regarding this
vulnerability.
Apple Computer Inc.
Apple: Not Vulnerable. Mac OS X and Mac OS X Server do not contain
the issue described in this note.
AT&T
No statement is currently available from the vendor regarding this
vulnerability.
Avaya
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Borderware
No statement is currently available from the vendor regarding this
vulnerability.
Check Point
No statement is currently available from the vendor regarding this
vulnerability.
BSDI
No statement is currently available from the vendor regarding this
vulnerability.
Cisco Systems Inc.
Please see
http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml
Clavister
No statement is currently available from the vendor regarding this
vulnerability.
Computer Associates
No statement is currently available from the vendor regarding this
vulnerability.
Cyberguard
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Debian
No statement is currently available from the vendor regarding this
vulnerability.
D-Link Systems
No statement is currently available from the vendor regarding this
vulnerability.
Conectiva
No statement is currently available from the vendor regarding this
vulnerability.
EMC Corporation
No statement is currently available from the vendor regarding this
vulnerability.
Engarde
No statement is currently available from the vendor regarding this
vulnerability.
eSoft
We don't have an H.323 implementation and thus aren't affected by
this.
Extreme Networks
No statement is currently available from the vendor regarding this
vulnerability.
F5 Networks
No statement is currently available from the vendor regarding this
vulnerability.
Foundry Networks Inc.
No statement is currently available from the vendor regarding this
vulnerability.
FreeBSD
No statement is currently available from the vendor regarding this
vulnerability.
Fujitsu
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Global Technology Associates
No statement is currently available from the vendor regarding this
vulnerability.
Hitachi
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Hewlett-Packard Company
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Ingrian Networks
No statement is currently available from the vendor regarding this
vulnerability.
Intel
No statement is currently available from the vendor regarding this
vulnerability.
Intoto
No statement is currently available from the vendor regarding this
vulnerability.
Juniper Networks
No statement is currently available from the vendor regarding this
vulnerability.
Lachman
No statement is currently available from the vendor regarding this
vulnerability.
Linksys
No statement is currently available from the vendor regarding this
vulnerability.
Lotus Software
No statement is currently available from the vendor regarding this
vulnerability.
Lucent Technologies
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Microsoft Corporation
Please see
http://www.microsoft.com/technet/security/bulletin/MS04-001.asp
MontaVista Software
No statement is currently available from the vendor regarding this
vulnerability.
MandrakeSoft
No statement is currently available from the vendor regarding this
vulnerability.
Multi-Tech Systems Inc.
No statement is currently available from the vendor regarding this
vulnerability.
NEC Corporation
No statement is currently available from the vendor regarding this
vulnerability.
NetBSD
NetBSD does not ship any H.323 implementations as part of the
Operating System.
There are a number of third-party implementations available in the
pkgsrc system. As these products are found to be vulnerable, or
updated, the packages will be updated accordingly. The
audit-packages mechanism can be used to check for known-vulnerable
package versions.
Netfilter
No statement is currently available from the vendor regarding this
vulnerability.
NetScreen
No statement is currently available from the vendor regarding this
vulnerability.
Network Appliance
No statement is currently available from the vendor regarding this
vulnerability.
Nokia
No statement is currently available from the vendor regarding this
vulnerability.
Nortel Networks
The following Nortel Networks Generally Available products and
solutions are potentially affected by the vulnerabilities
identified in NISCC Vulnerability Advisory 006489/H323 and CERT
VU#749342:
Business Communications Manager (BCM) (all versions) is potentially
affected; more information is available in Product Advisory Alert
No. PAA 2003-0392-Global.
Succession 1000 IP Trunk and IP Peer Networking, and 802.11
Wireless IP Gateway are potentially affected; more information is
available in Product Advisory Alert No. PAA-2003-0465-Global.
For more information please contact
North America: 1-800-4NORTEL or 1-800-466-7835
Europe, Middle East and Africa: 00800 8008 9009,
or +44 (0) 870 907 9009
Contacts for other regions are available at
http://www.nortelnetworks.com/help/contact/global/
Or visit the eService portal at http://www.nortelnetworks.com/cs
under Advanced Search.
If you are a channel partner, more information can be found under
http://www.nortelnetworks.com/pic
under Advanced Search.
Novell
No statement is currently available from the vendor regarding this
vulnerability.
Objective Systems Inc.
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
OpenBSD
No statement is currently available from the vendor regarding this
vulnerability.
Openwall GNU/*/Linux
No statement is currently available from the vendor regarding this
vulnerability.
RadVision
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Red Hat Inc.
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Oracle Corporation
No statement is currently available from the vendor regarding this
vulnerability.
Riverstone Networks
No statement is currently available from the vendor regarding this
vulnerability.
Secure Computing Corporation
No statement is currently available from the vendor regarding this
vulnerability.
SecureWorks
No statement is currently available from the vendor regarding this
vulnerability.
Sequent
No statement is currently available from the vendor regarding this
vulnerability.
Sony Corporation
No statement is currently available from the vendor regarding this
vulnerability.
Stonesoft
No statement is currently available from the vendor regarding this
vulnerability.
Sun Microsystems Inc.
Sun SNMP does not provide support for H.323, so we are not
vulnerable. And so far we have not found any bundled products that
are affected by this vulnerability. We are also actively
investigating our unbundled products to see if they are affected.
Updates will be provided to this statement as they become
available.
SuSE Inc.
No statement is currently available from the vendor regarding this
vulnerability.
Symantec Corporation
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Unisys
No statement is currently available from the vendor regarding this
vulnerability.
TandBerg
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Tumbleweed Communications Corp.
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
TurboLinux
No statement is currently available from the vendor regarding this
vulnerability.
uniGone
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
WatchGuard
No statement is currently available from the vendor regarding this
vulnerability.
Wirex
No statement is currently available from the vendor regarding this
vulnerability.
Wind River Systems Inc.
No statement is currently available from the vendor regarding this
vulnerability.
Xerox
No statement is currently available from the vendor regarding this
vulnerability.
ZyXEL
No statement is currently available from the vendor regarding this
vulnerability.
_________________________________________________________________
The CERT Coordination Center thanks the NISCC Vulnerability Management Team and the University of Oulu Security Programming Group (OUSPG) for coordinating the discovery and release of the technical details of this issue. ___________
Feedback may be directed to the authors: Jeffrey S. Havrilla, Mindi J. McDowell, Shawn V. Hernan and Jason A. Rafail
This document is available from: http://www.cert.org/advisories/CA-2004-01.html
CERT/CC Contact Information
Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
Conditions for use, disclaimers, and sponsorship information
Copyright 2004 Carnegie Mellon University.
Revision History January 13, 2004: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBQASK7JZ2NNT/dVAVAQG65wP8C7DyEvZGz0HqXtRqk+PAjjpMqex1hdjT BfkT6oHMhTWIdvUE1mpAwnV7OPL+N+UugCC0bAEXQzBy/YkBBOptt7IZdIeOlInh AP0RO5zqt0GqMIrdW7P14iWBX2lLCQaMUgWNyvK4ZTNE9UzpOgBk2JonfBLjbH77 KeVgAqcfP2M= =p0GQ -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200402-0049",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios 12.0",
"scope": null,
"trust": 5.1,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s",
"scope": null,
"trust": 3.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1",
"scope": null,
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e",
"scope": null,
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t",
"scope": null,
"trust": 2.7,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s",
"scope": null,
"trust": 2.7,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2",
"scope": null,
"trust": 2.4,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s7",
"scope": null,
"trust": 1.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s1",
"scope": null,
"trust": 1.8,
"vendor": "cisco",
"version": null
},
{
"model": "proxy server",
"scope": "eq",
"trust": 1.6,
"vendor": "microsoft",
"version": "2.0"
},
{
"model": "ios 12.0 s8",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2",
"scope": "ne",
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ec",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e8",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e3",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st6",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e12",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e7",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st1",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s2",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s6",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "polycom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "radvision",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tandberg",
"version": null
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng fp2"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng with application intelligence"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng with application intelligence (r55)"
},
{
"model": "sunforum",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7"
},
{
"model": "internet security and acceleration server",
"scope": "eq",
"trust": 0.8,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "pathnavigator",
"scope": null,
"trust": 0.8,
"vendor": "polycom",
"version": null
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng fp3"
},
{
"model": "sunforum",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "3d 1.0 (solaris 8"
},
{
"model": "soundstation ip",
"scope": "eq",
"trust": 0.8,
"vendor": "polycom",
"version": "3000"
},
{
"model": "viewstation",
"scope": null,
"trust": 0.8,
"vendor": "polycom",
"version": null
},
{
"model": "viavideo",
"scope": null,
"trust": 0.8,
"vendor": "polycom",
"version": null
},
{
"model": "soundpoint ip",
"scope": "eq",
"trust": 0.8,
"vendor": "polycom",
"version": "500"
},
{
"model": "viavideo ii",
"scope": null,
"trust": 0.8,
"vendor": "polycom",
"version": null
},
{
"model": "mgc",
"scope": "eq",
"trust": 0.8,
"vendor": "polycom",
"version": "25/50/100"
},
{
"model": "ipower",
"scope": null,
"trust": 0.8,
"vendor": "polycom",
"version": null
},
{
"model": "sunforum",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "3.2 (solaris 2.6"
},
{
"model": "sunforum",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 for )"
},
{
"model": "sunforum",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8"
},
{
"model": "soundpoint ip",
"scope": "eq",
"trust": 0.8,
"vendor": "polycom",
"version": "400"
},
{
"model": "vsx",
"scope": "eq",
"trust": 0.8,
"vendor": "polycom",
"version": "7000"
},
{
"model": "ios 12.0 st7",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "isa server fp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "isa server",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.0 s5a",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.1 aa",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xm4",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bx",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t3",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st2",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e4",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s5",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "isa server sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2 xh",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(22)"
},
{
"model": "opencall multiservice controller",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "ios 12.1 yh3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 [ vpn des strong ] sp2 build",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "++4.141716"
},
{
"model": "ios 12.2yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb14",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t1a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(1)"
},
{
"model": "ios 12.1 yf4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios 12.2 xa5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(7)"
},
{
"model": "pwlib",
"scope": "eq",
"trust": 0.3,
"vendor": "pwlib",
"version": "1.4.7"
},
{
"model": "ios 12.1 yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(27)"
},
{
"model": "ios 11.3ha",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(5)"
},
{
"model": "ios 12.1xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(20)"
},
{
"model": "ios 12.2zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s8a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 t0a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3ma",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sxa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1x",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yz2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(13)"
},
{
"model": "ios 12.0 t1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications v-gate",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "4000"
},
{
"model": "ios 12.2 ya8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb15",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ec1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2 xh2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 11.3 t2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xi1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(14.5)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "ios 12.2 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netstructure host media processing software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "1.0"
},
{
"model": "ios 12.0xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sg5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "ios 12.1 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 mc1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ec",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios t",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.1"
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "2.2"
},
{
"model": "sg208",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "ios 12.1xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(11)"
},
{
"model": "ios 12.1xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ze",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(18.4)"
},
{
"model": "ios 12.2 sl1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sy1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(17)"
},
{
"model": "ios 12.1 e12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks succession",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
},
{
"model": "ios 12.2dd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0st",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s10",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "ios 12.2xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet premier",
"scope": null,
"trust": 0.3,
"vendor": "first",
"version": null
},
{
"model": "fedora core3",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "ios 12.1xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "2.0"
},
{
"model": "ios 12.2xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(17)"
},
{
"model": "ios 12.1xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yy3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xy6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xk2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(8)"
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xp4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e18",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "1.02"
},
{
"model": "point software next generation fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.3 t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1xv"
},
{
"model": "ios 12.1 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ez2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(8)"
},
{
"model": "pwlib-1.2.12-3.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "ios 12.2xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications conference server",
"scope": null,
"trust": 0.3,
"vendor": "first",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(7)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "ios 12.1xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(4)"
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 t10",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "ios 12.0 st4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netstructure pbx-ip media gateway",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios 12.0xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ez",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "1.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "ios 12.2 zh3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sg5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv3"
},
{
"model": "ios 12.1 yf2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fedora core1",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "pwlib",
"scope": "eq",
"trust": 0.3,
"vendor": "pwlib",
"version": "1.5.0"
},
{
"model": "point software firewall-1 [ vpn des strong ] build",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "++4.141439"
},
{
"model": "sunforum",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.2"
},
{
"model": "ios 12.1 e14",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software ng-ai",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(9)"
},
{
"model": "ios 12.2zd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.1 e16",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bts",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10200"
},
{
"model": "ios 12.2 mx1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e14",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ez1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp3 hf2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(12.05)"
},
{
"model": "ios 12.2yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(1)"
},
{
"model": "ios 12.1 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e13",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3wa4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yi1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yv",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xi2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2 t5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "ios 12.1 yb4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "sg5x",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "ios 12.2 t4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(28)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(3)"
},
{
"model": "ios 12.0 st5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3 db1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(3)"
},
{
"model": "ios 12.2 xd4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ios 12.2zg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xg5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.1"
},
{
"model": "ios 12.1 xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xl4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(1.1)"
},
{
"model": "netstructure ipt ip boards",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "internet service node",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3 xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(18.2)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2 xd3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zj3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xu1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv"
},
{
"model": "ios 12.0 s2a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t10",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fedora core2",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "opencall multiservice controller patch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.137"
},
{
"model": "networks wireless ip gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "(802.11)"
},
{
"model": "ios 12.1yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv5"
},
{
"model": "sg203",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.31.29"
},
{
"model": "ios 12.2 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(4)"
},
{
"model": "ios 12.1xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3 db2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zj1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(17)"
},
{
"model": "point software nokia voyager",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ios 12.1 ec3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t12",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(3.2)"
},
{
"model": "ios 11.3da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios ed",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.1"
},
{
"model": "ios 12.2 zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3na",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zl1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 xh3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "ios 12.2xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zb7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sg5x",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.3"
},
{
"model": "ios 12.1xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.11"
},
{
"model": "ata-186",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios 12.2zj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.3.1"
},
{
"model": "ios 12.2 xm2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e10",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dd3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv4"
},
{
"model": "ios 12.1 xs2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp3",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2 yw2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t15",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "ios 12.2 xj1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yx1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks business communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "ios 12.1 xm7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zj2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications v-gate",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "5000"
},
{
"model": "ios 12.2yw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netstructure dmip ip boards",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "point software firewall-1 [ vpn des ]",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "+4.1"
},
{
"model": "opencall multiservice controller patch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.146"
},
{
"model": "ios 12.2 yw3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(26)"
},
{
"model": "conference connection",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "2.1"
},
{
"model": "ios 12.2 xb11",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pwlib-1.3.3-5.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "ios 12.2 xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(9)"
},
{
"model": "ios 12.2 zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp3 hf1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2 sx1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sunforum 3d",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0"
},
{
"model": "ios 12.2 xb3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "small business server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2003"
},
{
"model": "small business server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "20000"
},
{
"model": "proxy server sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2.0"
},
{
"model": "proxy server",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "2.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "BID",
"id": "9408"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000008"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-061"
},
{
"db": "NVD",
"id": "CVE-2003-0819"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:polycom:ipower",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:polycom:mgc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:polycom:pathnavigator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:polycom:soundpoint_ip",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:polycom:soundstation_ip",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:polycom:viavideo",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:polycom:viavideo_ii",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:polycom:viewstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:polycom:vsx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:sun:sunforum",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:checkpoint:vpn-1_firewall-1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:microsoft:isa_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000008"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "University of Oulu Security Programming Group",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200402-061"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0819",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2003-0819",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2003-0819",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2003-0819",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#749342",
"trust": 0.8,
"value": "13.67"
},
{
"author": "NVD",
"id": "CVE-2003-0819",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200402-061",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000008"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-061"
},
{
"db": "NVD",
"id": "CVE-2003-0819"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocols H.323 and H.225. Voice over Internet Protocol (VoIP) and video conferencing equpiment and software can use these protocols to interoperate over a variety of computer networks. The majority of the vulnerabilities discovered are limited to denial of service impacts; however, several may allow unauthorized code execution. Microsoft ISA Server Is operating in cache mode, Microsoft Firewall Service Is disabled by default and is not affected by this issue. In addition, H.323 Vulnerabilities related to this vulnerability have been confirmed in other systems that implement the protocol. For other system information, NISCC-006489 (JVN) , NISCC Advisory 006489/h323(CPNI Advisory 00387) Please check also. Caution: Of this vulnerability CVSS The basic value is \" Microsoft ISA Server \" Is calculated for. Other systems are not considered.According to the information provided by Microsoft, Microsoft ISA Server Is specific H.323 If traffic is handled, arbitrary code may be executed. Also, H.323 Service disruption for other systems that implement the protocol (DoS) An attacker may be attacked or a third party may be able to execute arbitrary code remotely. The condition presents itself due to insufficient boundary checks performed by the Microsoft Firewall Service on specially crafted H.323 traffic. This may lead to complete control of the vulnerable system. \n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Advisory CA-2004-01 Multiple H.323 Message Vulnerabilities\n\n Original release date: January 13, 2004\n Last revised: --\n Source: CERT/CC, NISCC\n\n A complete revision history can be found at the end of this file. \n\nI. Description\n\n The U.K. H.323 is\n an international standard protocol, published by the International\n Telecommunications Union, used to facilitate communication among\n telephony and multimedia systems. Examples of such systems include\n VoIP, video-conferencing equipment, and network devices that manage\n H.323 traffic. A test suite developed by NISCC and the University of\n Oulu Security Programming Group (OUSPG) has exposed multiple\n vulnerabilities in a variety of implementations of the H.323 protocol\n (specifically its connection setup sub-protocol H.225.0). \n\n Information about individual vendor H.323 implementations is available\n in the Vendor Information section below, and in the Vendor Information\n section of NISCC Vulnerability Advisory 006489/H323. \n\n The U.K. National Infrastructure Security Co-ordination Centre is\n tracking these vulnerabilities as NISCC/006489/H.323. The CERT/CC is\n tracking this issue as VU#749342. This reference number corresponds to\n CVE candidate CAN-2003-0819, as referenced in Microsoft Security\n Bulletin MS04-001. \n\nII. \n\nIII. Solution\n\nApply a patch or upgrade\n\n Appendix A and the Systems Affected section of Vulnerability Note\n VU#749342 contain information provided by vendors for this advisory\n (\u003chttp://www.kb.cert.org/vuls/id/749342#systems\u003e). \n\n However, as vendors report new information to the CERT/CC, we will\n only update VU#749342. If a particular vendor is not listed, we have\n not received their comments. Please contact your vendor directly. \n\nFilter network traffic\n\n Sites are encouraged to apply network packet filters to block access\n to the H.323 services at network borders. This can minimize the\n potential of denial-of-service attacks originating from outside the\n perimeter. The specific services that should be filtered include\n\n * 1720/TCP\n * 1720/UDP\n\n If access cannot be filtered at the network perimeter, the CERT/CC\n recommends limiting access to only those external hosts that require\n H.323 for normal operation. As a general rule, filtering all types of\n network traffic that are not required for normal operation is\n recommended. \n\n It is important to note that some firewalls process H.323 packets and\n may themselves be vulnerable to attack. As noted in some vendor\n recommendations like Cisco Security Advisory 20040113-h323 and\n Microsoft Security Bulletin MS04-001, certain sites may actually want\n to disable application layer inspection of H.323 network packets. \n\n Protecting your infrastructure against these vulnerabilities may\n require careful coordination among application, computer, network, and\n telephony administrators. You may have to make tradeoffs between\n security and functionality until vulnerable products can be updated. \n\nAppendix A. Please see the Systems Affected section of Vulnerability\n Note VU#749342 and the Vendor Information section of NISCC\n Vulnerability Advisory 006489/H323 for the latest information\n regarding the response of the vendor community to this issue. \n\n3Com\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nAlcatel\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nApple Computer Inc. \n\n Apple: Not Vulnerable. Mac OS X and Mac OS X Server do not contain\n the issue described in this note. \n\nAT\u0026T\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nAvaya\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nBorderware\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nCheck Point\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nBSDI\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nCisco Systems Inc. \n\n Please see\n http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml\n\nClavister\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nComputer Associates\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nCyberguard\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nDebian\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nD-Link Systems\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nConectiva\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nEMC Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nEngarde\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\neSoft\n\n We don\u0027t have an H.323 implementation and thus aren\u0027t affected by\n this. \n\nExtreme Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nF5 Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nFoundry Networks Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nFreeBSD\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nFujitsu\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nGlobal Technology Associates\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nHitachi\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nHewlett-Packard Company\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nIngrian Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nIntel\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nIntoto\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nJuniper Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLachman\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLinksys\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLotus Software\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLucent Technologies\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nMicrosoft Corporation\n\n Please see\n http://www.microsoft.com/technet/security/bulletin/MS04-001.asp\n\nMontaVista Software\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nMandrakeSoft\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nMulti-Tech Systems Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNEC Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNetBSD\n\n NetBSD does not ship any H.323 implementations as part of the\n Operating System. \n\n There are a number of third-party implementations available in the\n pkgsrc system. As these products are found to be vulnerable, or\n updated, the packages will be updated accordingly. The\n audit-packages mechanism can be used to check for known-vulnerable\n package versions. \n\nNetfilter\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNetScreen\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNetwork Appliance\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNokia\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNortel Networks\n\n The following Nortel Networks Generally Available products and\n solutions are potentially affected by the vulnerabilities\n identified in NISCC Vulnerability Advisory 006489/H323 and CERT\n VU#749342:\n\n Business Communications Manager (BCM) (all versions) is potentially\n affected; more information is available in Product Advisory Alert\n No. PAA 2003-0392-Global. \n\n Succession 1000 IP Trunk and IP Peer Networking, and 802.11\n Wireless IP Gateway are potentially affected; more information is\n available in Product Advisory Alert No. PAA-2003-0465-Global. \n\n For more information please contact\n\n North America: 1-800-4NORTEL or 1-800-466-7835\n Europe, Middle East and Africa: 00800 8008 9009,\n or +44 (0) 870 907 9009\n\n Contacts for other regions are available at\n\n http://www.nortelnetworks.com/help/contact/global/\n\n Or visit the eService portal at http://www.nortelnetworks.com/cs\n under Advanced Search. \n\n If you are a channel partner, more information can be found under\n\n http://www.nortelnetworks.com/pic\n\n under Advanced Search. \n\nNovell\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nObjective Systems Inc. \n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nOpenBSD\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nOpenwall GNU/*/Linux\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nRadVision\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nRed Hat Inc. \n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nOracle Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nRiverstone Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSecure Computing Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSecureWorks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSequent\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSony Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nStonesoft\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSun Microsystems Inc. \n\n Sun SNMP does not provide support for H.323, so we are not\n vulnerable. And so far we have not found any bundled products that\n are affected by this vulnerability. We are also actively\n investigating our unbundled products to see if they are affected. \n Updates will be provided to this statement as they become\n available. \n\nSuSE Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSymantec Corporation\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nUnisys\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nTandBerg\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nTumbleweed Communications Corp. \n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nTurboLinux\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nuniGone\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nWatchGuard\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nWirex\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nWind River Systems Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nXerox\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nZyXEL\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n _________________________________________________________________\n\n The CERT Coordination Center thanks the NISCC Vulnerability Management\n Team and the University of Oulu Security Programming Group (OUSPG) for\n coordinating the discovery and release of the technical details of\n this issue. \n _________________________________________________________________\n\n Feedback may be directed to the authors: Jeffrey S. Havrilla, Mindi J. \n McDowell, Shawn V. Hernan and Jason A. Rafail\n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2004-01.html\n ______________________________________________________________________\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\nUsing encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\nGetting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n ______________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright 2004 Carnegie Mellon University. \n\n Revision History\nJanuary 13, 2004: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBQASK7JZ2NNT/dVAVAQG65wP8C7DyEvZGz0HqXtRqk+PAjjpMqex1hdjT\nBfkT6oHMhTWIdvUE1mpAwnV7OPL+N+UugCC0bAEXQzBy/YkBBOptt7IZdIeOlInh\nAP0RO5zqt0GqMIrdW7P14iWBX2lLCQaMUgWNyvK4ZTNE9UzpOgBk2JonfBLjbH77\nKeVgAqcfP2M=\n=p0GQ\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0819"
},
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000008"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "BID",
"id": "9408"
},
{
"db": "PACKETSTORM",
"id": "32511"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#749342",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2003-0819",
"trust": 3.0
},
{
"db": "BID",
"id": "9406",
"trust": 2.7
},
{
"db": "BID",
"id": "9408",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "10611",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1008698",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "10869",
"trust": 0.8
},
{
"db": "XF",
"id": "14167",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1008846",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000008",
"trust": 0.8
},
{
"db": "MS",
"id": "MS04-001",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:478",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2004-01",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200402-061",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "32511",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "BID",
"id": "9408"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000008"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-061"
},
{
"db": "NVD",
"id": "CVE-2003-0819"
}
]
},
"id": "VAR-200402-0049",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4168258025
},
"last_update_date": "2025-04-03T22:11:06.084000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "H.323 Vulnerability",
"trust": 0.8,
"url": "http://www.checkpoint.com/services/techsupport/alerts/h323.html"
},
{
"title": "MS04-001",
"trust": 0.8,
"url": "http://www.microsoft.com/technet/security/bulletin/MS04-001.mspx"
},
{
"title": "CERT/NISCC Advisory - MGC",
"trust": 0.8,
"url": "http://www.polycom.com/common/pw_item_show_doc/0,,2752,00.pdf"
},
{
"title": "CERT/NISCC Advisory - PathNavigator",
"trust": 0.8,
"url": "http://www.polycom.com/common/pw_item_show_doc/0,,2749,00.pdf"
},
{
"title": "CERT/NISCC Advisory - SoundPoint IP/SoundStation IP",
"trust": 0.8,
"url": "http://www.polycom.com/common/pw_item_show_doc/0,,2750,00.pdf"
},
{
"title": "CERT/NISCC Advisory - Video Division",
"trust": 0.8,
"url": "http://www.polycom.com/common/pw_item_show_doc/0,,2751,00.pdf"
},
{
"title": "57476",
"trust": 0.8,
"url": "http://jp.sunsolve.sun.com/search/document.do?assetkey=1-26-57476-1"
},
{
"title": "57476",
"trust": 0.8,
"url": "http://jp.sunsolve.sun.com/search/document.do?assetkey=1-26-57476-3"
},
{
"title": "H.323 \u306b\u95a2\u3059\u308b\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://www.checkpoint.co.jp/techsupport/alerts/h323.html"
},
{
"title": "MS04-001",
"trust": 0.8,
"url": "http://www.microsoft.com/japan/technet/security/bulletin/MS04-001.mspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000008"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000008"
},
{
"db": "NVD",
"id": "CVE-2003-0819"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm"
},
{
"trust": 2.8,
"url": "http://www.cert.org/advisories/ca-2004-01.html"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/9408"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/9406"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/749342"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id?1008698"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/10611"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a478"
},
{
"trust": 1.0,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-001"
},
{
"trust": 0.8,
"url": "http://www.itu.int/itudoc/itu-t/rec/h/h225-0.html"
},
{
"trust": 0.8,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/h2250v4/index.html"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/o-051.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0819"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20040113-00387.xml"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr040301.txtq"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr040501.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr040901.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-006489/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2004-01"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-060525/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2004-01/"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0819"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20040113-00387.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/10869/"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2004/jan/1008846.html"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/14167"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20040114_112014.html"
},
{
"trust": 0.7,
"url": "http://www.microsoft.com/technet/security/bulletin/ms04-001.asp"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:478"
},
{
"trust": 0.4,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/alerts/h323.html"
},
{
"trust": 0.3,
"url": "http://support.fvc.com/eng/docs/misc_docs/h.323_security_bulletin.pdf"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/h323_hf.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101429-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://support.avaya.com/japple/css/japple?temp.groupid=128450\u0026temp.selectedfamily=128451\u0026temp.selectedproduct=154235\u0026temp.selectedbucket=126655\u0026temp.feedbackstate=askforfeedback\u0026temp.documentid=15871"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms04-001.asp"
},
{
"trust": 0.1,
"url": "http://www.cert.org/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/749342#systems\u003e)."
},
{
"trust": 0.1,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "http://www.nortelnetworks.com/help/contact/global/"
},
{
"trust": 0.1,
"url": "http://www.nortelnetworks.com/cs"
},
{
"trust": 0.1,
"url": "http://www.nortelnetworks.com/pic"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "BID",
"id": "9408"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000008"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-061"
},
{
"db": "NVD",
"id": "CVE-2003-0819"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "BID",
"id": "9408"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000008"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "CNNVD",
"id": "CNNVD-200402-061"
},
{
"db": "NVD",
"id": "CVE-2003-0819"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-01-13T00:00:00",
"db": "CERT/CC",
"id": "VU#749342"
},
{
"date": "2004-01-13T00:00:00",
"db": "BID",
"id": "9406"
},
{
"date": "2004-01-13T00:00:00",
"db": "BID",
"id": "9408"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000008"
},
{
"date": "2004-01-14T18:44:00",
"db": "PACKETSTORM",
"id": "32511"
},
{
"date": "2004-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200402-061"
},
{
"date": "2004-02-17T05:00:00",
"db": "NVD",
"id": "CVE-2003-0819"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-07-29T00:00:00",
"db": "CERT/CC",
"id": "VU#749342"
},
{
"date": "2007-11-15T00:39:00",
"db": "BID",
"id": "9406"
},
{
"date": "2009-07-12T02:06:00",
"db": "BID",
"id": "9408"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000008"
},
{
"date": "2006-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200402-061"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2003-0819"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "9406"
},
{
"db": "BID",
"id": "9408"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in H.323 implementations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200402-061"
}
],
"trust": 0.6
}
}
VAR-200403-0035
Vulnerability from variot - Updated: 2025-04-03 22:11Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocols H.323 and H.225. Voice over Internet Protocol (VoIP) and video conferencing equpiment and software can use these protocols to interoperate over a variety of computer networks. Cross platform library PWLib 1.6.0 Less than H.225 There is a flaw in handling messages. The degree of influence is PWLib Depends on the application that uses In addition, H.323 Vulnerabilities related to this vulnerability have been confirmed in other systems that implement the protocol. For other system information, NISCC-006489 (JVN) , NISCC Advisory 006489/h323(CPNI Advisory 00387) Please check also.PWLib Applications that use H.225 Service disruption by processing messages (DoS) An attacker may be able to attack or execute arbitrary code. -----BEGIN PGP SIGNED MESSAGE-----
CERT Advisory CA-2004-01 Multiple H.323 Message Vulnerabilities
Original release date: January 13, 2004 Last revised: -- Source: CERT/CC, NISCC
A complete revision history can be found at the end of this file.
I. Description
The U.K. H.323 is an international standard protocol, published by the International Telecommunications Union, used to facilitate communication among telephony and multimedia systems. Examples of such systems include VoIP, video-conferencing equipment, and network devices that manage H.323 traffic.
Information about individual vendor H.323 implementations is available in the Vendor Information section below, and in the Vendor Information section of NISCC Vulnerability Advisory 006489/H323.
The U.K. National Infrastructure Security Co-ordination Centre is tracking these vulnerabilities as NISCC/006489/H.323. The CERT/CC is tracking this issue as VU#749342. This reference number corresponds to CVE candidate CAN-2003-0819, as referenced in Microsoft Security Bulletin MS04-001.
II.
III. Solution
Apply a patch or upgrade
Appendix A and the Systems Affected section of Vulnerability Note VU#749342 contain information provided by vendors for this advisory (http://www.kb.cert.org/vuls/id/749342#systems).
However, as vendors report new information to the CERT/CC, we will only update VU#749342. If a particular vendor is not listed, we have not received their comments. Please contact your vendor directly.
Filter network traffic
Sites are encouraged to apply network packet filters to block access to the H.323 services at network borders. This can minimize the potential of denial-of-service attacks originating from outside the perimeter. The specific services that should be filtered include
* 1720/TCP
* 1720/UDP
If access cannot be filtered at the network perimeter, the CERT/CC recommends limiting access to only those external hosts that require H.323 for normal operation. As a general rule, filtering all types of network traffic that are not required for normal operation is recommended.
It is important to note that some firewalls process H.323 packets and may themselves be vulnerable to attack. As noted in some vendor recommendations like Cisco Security Advisory 20040113-h323 and Microsoft Security Bulletin MS04-001, certain sites may actually want to disable application layer inspection of H.323 network packets.
Protecting your infrastructure against these vulnerabilities may require careful coordination among application, computer, network, and telephony administrators. You may have to make tradeoffs between security and functionality until vulnerable products can be updated.
Appendix A. - Vendor Information
This appendix contains information provided by vendors for this advisory. Please see the Systems Affected section of Vulnerability Note VU#749342 and the Vendor Information section of NISCC Vulnerability Advisory 006489/H323 for the latest information regarding the response of the vendor community to this issue.
3Com
No statement is currently available from the vendor regarding this
vulnerability.
Alcatel
No statement is currently available from the vendor regarding this
vulnerability.
Apple Computer Inc.
Apple: Not Vulnerable. Mac OS X and Mac OS X Server do not contain
the issue described in this note.
AT&T
No statement is currently available from the vendor regarding this
vulnerability.
Avaya
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Borderware
No statement is currently available from the vendor regarding this
vulnerability.
Check Point
No statement is currently available from the vendor regarding this
vulnerability.
BSDI
No statement is currently available from the vendor regarding this
vulnerability.
Cisco Systems Inc.
Please see
http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml
Clavister
No statement is currently available from the vendor regarding this
vulnerability.
Computer Associates
No statement is currently available from the vendor regarding this
vulnerability.
Cyberguard
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Debian
No statement is currently available from the vendor regarding this
vulnerability.
D-Link Systems
No statement is currently available from the vendor regarding this
vulnerability.
Conectiva
No statement is currently available from the vendor regarding this
vulnerability.
EMC Corporation
No statement is currently available from the vendor regarding this
vulnerability.
Engarde
No statement is currently available from the vendor regarding this
vulnerability.
eSoft
We don't have an H.323 implementation and thus aren't affected by
this.
Extreme Networks
No statement is currently available from the vendor regarding this
vulnerability.
F5 Networks
No statement is currently available from the vendor regarding this
vulnerability.
Foundry Networks Inc.
No statement is currently available from the vendor regarding this
vulnerability.
FreeBSD
No statement is currently available from the vendor regarding this
vulnerability.
Fujitsu
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Global Technology Associates
No statement is currently available from the vendor regarding this
vulnerability.
Hitachi
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Hewlett-Packard Company
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Ingrian Networks
No statement is currently available from the vendor regarding this
vulnerability.
Intel
No statement is currently available from the vendor regarding this
vulnerability.
Intoto
No statement is currently available from the vendor regarding this
vulnerability.
Juniper Networks
No statement is currently available from the vendor regarding this
vulnerability.
Lachman
No statement is currently available from the vendor regarding this
vulnerability.
Linksys
No statement is currently available from the vendor regarding this
vulnerability.
Lotus Software
No statement is currently available from the vendor regarding this
vulnerability.
Lucent Technologies
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Microsoft Corporation
Please see
http://www.microsoft.com/technet/security/bulletin/MS04-001.asp
MontaVista Software
No statement is currently available from the vendor regarding this
vulnerability.
MandrakeSoft
No statement is currently available from the vendor regarding this
vulnerability.
Multi-Tech Systems Inc.
No statement is currently available from the vendor regarding this
vulnerability.
NEC Corporation
No statement is currently available from the vendor regarding this
vulnerability.
NetBSD
NetBSD does not ship any H.323 implementations as part of the
Operating System.
There are a number of third-party implementations available in the
pkgsrc system. As these products are found to be vulnerable, or
updated, the packages will be updated accordingly. The
audit-packages mechanism can be used to check for known-vulnerable
package versions.
Netfilter
No statement is currently available from the vendor regarding this
vulnerability.
NetScreen
No statement is currently available from the vendor regarding this
vulnerability.
Network Appliance
No statement is currently available from the vendor regarding this
vulnerability.
Nokia
No statement is currently available from the vendor regarding this
vulnerability.
Nortel Networks
The following Nortel Networks Generally Available products and
solutions are potentially affected by the vulnerabilities
identified in NISCC Vulnerability Advisory 006489/H323 and CERT
VU#749342:
Business Communications Manager (BCM) (all versions) is potentially
affected; more information is available in Product Advisory Alert
No. PAA 2003-0392-Global.
Succession 1000 IP Trunk and IP Peer Networking, and 802.11
Wireless IP Gateway are potentially affected; more information is
available in Product Advisory Alert No. PAA-2003-0465-Global.
For more information please contact
North America: 1-800-4NORTEL or 1-800-466-7835
Europe, Middle East and Africa: 00800 8008 9009,
or +44 (0) 870 907 9009
Contacts for other regions are available at
http://www.nortelnetworks.com/help/contact/global/
Or visit the eService portal at http://www.nortelnetworks.com/cs
under Advanced Search.
If you are a channel partner, more information can be found under
http://www.nortelnetworks.com/pic
under Advanced Search.
Novell
No statement is currently available from the vendor regarding this
vulnerability.
Objective Systems Inc.
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
OpenBSD
No statement is currently available from the vendor regarding this
vulnerability.
Openwall GNU/*/Linux
No statement is currently available from the vendor regarding this
vulnerability.
RadVision
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Red Hat Inc.
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Oracle Corporation
No statement is currently available from the vendor regarding this
vulnerability.
Riverstone Networks
No statement is currently available from the vendor regarding this
vulnerability.
Secure Computing Corporation
No statement is currently available from the vendor regarding this
vulnerability.
SecureWorks
No statement is currently available from the vendor regarding this
vulnerability.
Sequent
No statement is currently available from the vendor regarding this
vulnerability.
Sony Corporation
No statement is currently available from the vendor regarding this
vulnerability.
Stonesoft
No statement is currently available from the vendor regarding this
vulnerability.
Sun Microsystems Inc.
Sun SNMP does not provide support for H.323, so we are not
vulnerable. And so far we have not found any bundled products that
are affected by this vulnerability. We are also actively
investigating our unbundled products to see if they are affected.
Updates will be provided to this statement as they become
available.
SuSE Inc.
No statement is currently available from the vendor regarding this
vulnerability.
Symantec Corporation
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Unisys
No statement is currently available from the vendor regarding this
vulnerability.
TandBerg
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Tumbleweed Communications Corp.
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
TurboLinux
No statement is currently available from the vendor regarding this
vulnerability.
uniGone
Please see the NISCC Vulnerability Advisory 006489/H323 at
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
WatchGuard
No statement is currently available from the vendor regarding this
vulnerability.
Wirex
No statement is currently available from the vendor regarding this
vulnerability.
Wind River Systems Inc.
No statement is currently available from the vendor regarding this
vulnerability.
Xerox
No statement is currently available from the vendor regarding this
vulnerability.
ZyXEL
No statement is currently available from the vendor regarding this
vulnerability.
_________________________________________________________________
The CERT Coordination Center thanks the NISCC Vulnerability Management Team and the University of Oulu Security Programming Group (OUSPG) for coordinating the discovery and release of the technical details of this issue. ___________
Feedback may be directed to the authors: Jeffrey S. Havrilla, Mindi J. McDowell, Shawn V. Hernan and Jason A. Rafail
This document is available from: http://www.cert.org/advisories/CA-2004-01.html
CERT/CC Contact Information
Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
Conditions for use, disclaimers, and sponsorship information
Copyright 2004 Carnegie Mellon University.
Revision History January 13, 2004: Initial release
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBQASK7JZ2NNT/dVAVAQG65wP8C7DyEvZGz0HqXtRqk+PAjjpMqex1hdjT BfkT6oHMhTWIdvUE1mpAwnV7OPL+N+UugCC0bAEXQzBy/YkBBOptt7IZdIeOlInh AP0RO5zqt0GqMIrdW7P14iWBX2lLCQaMUgWNyvK4ZTNE9UzpOgBk2JonfBLjbH77 KeVgAqcfP2M= =p0GQ -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200404-11
http://security.gentoo.org
Severity: High Title: Multiple Vulnerabilities in pwlib
Date: April 09, 2004
Bugs: #45846
ID: 200404-11
Synopsis
Multiple vulnerabilites have been found in pwlib that may lead to a remote denial of service or buffer overflow attack.
Background
pwlib is a multi-platform library designed for OpenH323.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
dev-libs/pwlib <= 1.5.2-r2 >= 1.5.2-r3
Description
Multiple vulnerabilities have been found in the implimentation of protocol H.323 contained in pwlib. Most of the vulnerabilies are in the parsing of ASN.1 elements which would allow an attacker to use a maliciously crafted ASN.1 element to cause unpredictable behavior in pwlib.
Workaround
Blocking ports 1719 and 1720 may reduce the likelihood of an attack. All users are advised to upgrade to the latest version of the affected package.
Resolution
All pwlib users are advised to upgrade to version 1.5.2-r3 or later:
# emerge sync
# emerge -pv ">=dev-libs/pwlib-1.5.2-r3"
# emerge ">=dev-libs/pwlib-1.5.2-r3"
References
[ 1 ] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0097 [ 2 ] http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200404-11.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2004 Gentoo Technologies, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/1.0
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200403-0035",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios 12.0",
"scope": null,
"trust": 5.1,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s",
"scope": null,
"trust": 3.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1",
"scope": null,
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e",
"scope": null,
"trust": 3.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t",
"scope": null,
"trust": 2.7,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s",
"scope": null,
"trust": 2.7,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2",
"scope": null,
"trust": 2.4,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s7",
"scope": null,
"trust": 1.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s1",
"scope": null,
"trust": 1.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s8",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2",
"scope": "ne",
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st",
"scope": null,
"trust": 1.5,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ec",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t",
"scope": null,
"trust": 1.2,
"vendor": "cisco",
"version": null
},
{
"model": "pwlib",
"scope": "lte",
"trust": 1.0,
"vendor": "openh323",
"version": "1.6.0"
},
{
"model": "ios 12.1 e8",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e3",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st6",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e12",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e7",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st1",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s2",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s6",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "polycom",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "radvision",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tandberg",
"version": null
},
{
"model": "gnu/linux",
"scope": "eq",
"trust": 0.8,
"vendor": "debian",
"version": "3.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "ios 12.0 st7",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s5a",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "ios 12.1 aa",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xm4",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 bx",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t3",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st2",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e4",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s5",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xh",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "pwlib",
"scope": "eq",
"trust": 0.6,
"vendor": "openh323",
"version": "1.6.0"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(22)"
},
{
"model": "opencall multiservice controller",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.2"
},
{
"model": "ios 12.1 yh3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 [ vpn des strong ] sp2 build",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "++4.141716"
},
{
"model": "ios 12.2yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb14",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t1a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(1)"
},
{
"model": "ios 12.1 yf4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios 12.2 xa5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(7)"
},
{
"model": "pwlib",
"scope": "eq",
"trust": 0.3,
"vendor": "pwlib",
"version": "1.4.7"
},
{
"model": "ios 12.1 yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(27)"
},
{
"model": "ios 11.3ha",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(5)"
},
{
"model": "ios 12.1xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s4a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(20)"
},
{
"model": "isa server fp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s8a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "isa server",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "ios 12.2 t0a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3ma",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sxa",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1x",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yz2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(13)"
},
{
"model": "ios 12.0 t1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications v-gate",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "4000"
},
{
"model": "ios 12.2 ya8",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb15",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ec1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2 xh2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 11.3 t2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xi1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(14.5)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "ios 12.2 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netstructure host media processing software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "1.0"
},
{
"model": "ios 12.0xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sg5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "ios 12.1 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 mc1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ec",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios t",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.1"
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "2.2"
},
{
"model": "sg208",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"model": "ios 12.1xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(11)"
},
{
"model": "ios 12.1xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ze",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(18.4)"
},
{
"model": "ios 12.2 sl1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 sy1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(17)"
},
{
"model": "ios 12.1 e12",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks succession",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
},
{
"model": "ios 12.2dd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0st",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s10",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.1"
},
{
"model": "ios 12.2xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet premier",
"scope": null,
"trust": 0.3,
"vendor": "first",
"version": null
},
{
"model": "fedora core3",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "ios 12.1xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "2.0"
},
{
"model": "ios 12.2xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(17)"
},
{
"model": "ios 12.1xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yy3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xy6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xk2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(8)"
},
{
"model": "ios 12.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t9",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xp4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e18",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "1.02"
},
{
"model": "point software next generation fp2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.3 t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1xv"
},
{
"model": "ios 12.1 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xd1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ez2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(8)"
},
{
"model": "pwlib-1.2.12-3.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "ios 12.2xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications conference server",
"scope": null,
"trust": 0.3,
"vendor": "first",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(7)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "ios 12.1xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(4)"
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 t10",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "ne",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0.1"
},
{
"model": "ios 12.0 st4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netstructure pbx-ip media gateway",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "ios 12.0xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ez",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "1.0"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1(2)"
},
{
"model": "ios 12.2 zh3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sg5",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv3"
},
{
"model": "ios 12.1 yf2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fedora core1",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "pwlib",
"scope": "eq",
"trust": 0.3,
"vendor": "pwlib",
"version": "1.5.0"
},
{
"model": "point software firewall-1 [ vpn des strong ] build",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "++4.141439"
},
{
"model": "sunforum",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3.2"
},
{
"model": "ios 12.1 e14",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2yk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software ng-ai",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(9)"
},
{
"model": "ios 12.2zd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.1 e16",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "bts",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10200"
},
{
"model": "ios 12.2 mx1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e14",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 ez1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp3 hf2",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(12.05)"
},
{
"model": "ios 12.2yn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2bw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(1)"
},
{
"model": "ios 12.1 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e13",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3wa4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yi1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yv",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xi2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2 t5",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "ios 12.1 yb4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "sg5x",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"model": "ios 12.2 t4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(28)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(3)"
},
{
"model": "ios 12.0 st5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3 db1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(3)"
},
{
"model": "ios 12.2 xd4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ios 12.2zg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xg5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.1"
},
{
"model": "ios 12.1 xp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xl4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(1.1)"
},
{
"model": "netstructure ipt ip boards",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "internet service node",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yd2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3 xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yu",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(18.2)"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "isa server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "2000"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2 xd3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zj3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xu1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv"
},
{
"model": "ios 12.0 s2a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t10",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "fedora core2",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "opencall multiservice controller patch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.137"
},
{
"model": "networks wireless ip gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "(802.11)"
},
{
"model": "ios 12.1yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sx",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv5"
},
{
"model": "sg203",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.31.29"
},
{
"model": "ios 12.2 yd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s3b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(4)"
},
{
"model": "ios 12.1xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3 db2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zj1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(17)"
},
{
"model": "point software nokia voyager",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ios 12.1 ec3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t12",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(3.2)"
},
{
"model": "ios 11.3da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 xt3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios ed",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.1"
},
{
"model": "ios 12.2 zl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3na",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zl1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yz",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 xh3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "9.0"
},
{
"model": "ios 12.2xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zb7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xn1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sg5x",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.3"
},
{
"model": "ios 12.1xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.3.11"
},
{
"model": "ata-186",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t9",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xt",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios 12.2zj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.3.1"
},
{
"model": "ios 12.2 xm2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yc1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 yb5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e10",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 dd3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "ios 12.2xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(5)xv4"
},
{
"model": "ios 12.1 xs2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 xk",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp3",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2 yw2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ym",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 t15",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 xm",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "call manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(3)"
},
{
"model": "ios 12.2 xj1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 yx1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "networks business communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "0"
},
{
"model": "ios 12.1 xm7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 ya7",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zj2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1yb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "virtual communications v-gate",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "5000"
},
{
"model": "ios 12.2yw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 aa1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 e6",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "netstructure dmip ip boards",
"scope": null,
"trust": 0.3,
"vendor": "intel",
"version": null
},
{
"model": "point software firewall-1 [ vpn des ]",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "+4.1"
},
{
"model": "opencall multiservice controller patch",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "1.146"
},
{
"model": "ios 12.2 yw3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2ya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.3 t3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(26)"
},
{
"model": "conference connection",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"model": "virtual communications click to meet express",
"scope": "eq",
"trust": 0.3,
"vendor": "first",
"version": "2.1"
},
{
"model": "ios 12.2 xb11",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "pwlib-1.3.3-5.i386.rpm",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "ios 12.2 xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(9)"
},
{
"model": "ios 12.2 zh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 st3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2zb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software next generation fp3 hf1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "ios 12.2 sx1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xa1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "point software firewall-1 sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "ios 12.2 xl",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2yj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "sunforum 3d",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.0"
},
{
"model": "ios 12.2 xb3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 xs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000012"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-046"
},
{
"db": "NVD",
"id": "CVE-2004-0097"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:debian:debian_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:linux",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000012"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "University of Oulu Security Programming Group",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200403-046"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0097",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0097",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0097",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#749342",
"trust": 0.8,
"value": "13.67"
},
{
"author": "NVD",
"id": "CVE-2004-0097",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200403-046",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000012"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-046"
},
{
"db": "NVD",
"id": "CVE-2004-0097"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. A number of vulnerabilities have been discovered in various implementations of the multimedia telephony protocols H.323 and H.225. Voice over Internet Protocol (VoIP) and video conferencing equpiment and software can use these protocols to interoperate over a variety of computer networks. Cross platform library PWLib 1.6.0 Less than H.225 There is a flaw in handling messages. The degree of influence is PWLib Depends on the application that uses In addition, H.323 Vulnerabilities related to this vulnerability have been confirmed in other systems that implement the protocol. For other system information, NISCC-006489 (JVN) , NISCC Advisory 006489/h323(CPNI Advisory 00387) Please check also.PWLib Applications that use H.225 Service disruption by processing messages (DoS) An attacker may be able to attack or execute arbitrary code. \n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Advisory CA-2004-01 Multiple H.323 Message Vulnerabilities\n\n Original release date: January 13, 2004\n Last revised: --\n Source: CERT/CC, NISCC\n\n A complete revision history can be found at the end of this file. \n\nI. Description\n\n The U.K. H.323 is\n an international standard protocol, published by the International\n Telecommunications Union, used to facilitate communication among\n telephony and multimedia systems. Examples of such systems include\n VoIP, video-conferencing equipment, and network devices that manage\n H.323 traffic. \n\n Information about individual vendor H.323 implementations is available\n in the Vendor Information section below, and in the Vendor Information\n section of NISCC Vulnerability Advisory 006489/H323. \n\n The U.K. National Infrastructure Security Co-ordination Centre is\n tracking these vulnerabilities as NISCC/006489/H.323. The CERT/CC is\n tracking this issue as VU#749342. This reference number corresponds to\n CVE candidate CAN-2003-0819, as referenced in Microsoft Security\n Bulletin MS04-001. \n\nII. \n\nIII. Solution\n\nApply a patch or upgrade\n\n Appendix A and the Systems Affected section of Vulnerability Note\n VU#749342 contain information provided by vendors for this advisory\n (\u003chttp://www.kb.cert.org/vuls/id/749342#systems\u003e). \n\n However, as vendors report new information to the CERT/CC, we will\n only update VU#749342. If a particular vendor is not listed, we have\n not received their comments. Please contact your vendor directly. \n\nFilter network traffic\n\n Sites are encouraged to apply network packet filters to block access\n to the H.323 services at network borders. This can minimize the\n potential of denial-of-service attacks originating from outside the\n perimeter. The specific services that should be filtered include\n\n * 1720/TCP\n * 1720/UDP\n\n If access cannot be filtered at the network perimeter, the CERT/CC\n recommends limiting access to only those external hosts that require\n H.323 for normal operation. As a general rule, filtering all types of\n network traffic that are not required for normal operation is\n recommended. \n\n It is important to note that some firewalls process H.323 packets and\n may themselves be vulnerable to attack. As noted in some vendor\n recommendations like Cisco Security Advisory 20040113-h323 and\n Microsoft Security Bulletin MS04-001, certain sites may actually want\n to disable application layer inspection of H.323 network packets. \n\n Protecting your infrastructure against these vulnerabilities may\n require careful coordination among application, computer, network, and\n telephony administrators. You may have to make tradeoffs between\n security and functionality until vulnerable products can be updated. \n\nAppendix A. - Vendor Information\n\n This appendix contains information provided by vendors for this\n advisory. Please see the Systems Affected section of Vulnerability\n Note VU#749342 and the Vendor Information section of NISCC\n Vulnerability Advisory 006489/H323 for the latest information\n regarding the response of the vendor community to this issue. \n\n3Com\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nAlcatel\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nApple Computer Inc. \n\n Apple: Not Vulnerable. Mac OS X and Mac OS X Server do not contain\n the issue described in this note. \n\nAT\u0026T\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nAvaya\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nBorderware\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nCheck Point\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nBSDI\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nCisco Systems Inc. \n\n Please see\n http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml\n\nClavister\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nComputer Associates\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nCyberguard\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nDebian\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nD-Link Systems\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nConectiva\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nEMC Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nEngarde\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\neSoft\n\n We don\u0027t have an H.323 implementation and thus aren\u0027t affected by\n this. \n\nExtreme Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nF5 Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nFoundry Networks Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nFreeBSD\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nFujitsu\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nGlobal Technology Associates\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nHitachi\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nHewlett-Packard Company\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nIngrian Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nIntel\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nIntoto\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nJuniper Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLachman\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLinksys\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLotus Software\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nLucent Technologies\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nMicrosoft Corporation\n\n Please see\n http://www.microsoft.com/technet/security/bulletin/MS04-001.asp\n\nMontaVista Software\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nMandrakeSoft\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nMulti-Tech Systems Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNEC Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNetBSD\n\n NetBSD does not ship any H.323 implementations as part of the\n Operating System. \n\n There are a number of third-party implementations available in the\n pkgsrc system. As these products are found to be vulnerable, or\n updated, the packages will be updated accordingly. The\n audit-packages mechanism can be used to check for known-vulnerable\n package versions. \n\nNetfilter\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNetScreen\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNetwork Appliance\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNokia\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nNortel Networks\n\n The following Nortel Networks Generally Available products and\n solutions are potentially affected by the vulnerabilities\n identified in NISCC Vulnerability Advisory 006489/H323 and CERT\n VU#749342:\n\n Business Communications Manager (BCM) (all versions) is potentially\n affected; more information is available in Product Advisory Alert\n No. PAA 2003-0392-Global. \n\n Succession 1000 IP Trunk and IP Peer Networking, and 802.11\n Wireless IP Gateway are potentially affected; more information is\n available in Product Advisory Alert No. PAA-2003-0465-Global. \n\n For more information please contact\n\n North America: 1-800-4NORTEL or 1-800-466-7835\n Europe, Middle East and Africa: 00800 8008 9009,\n or +44 (0) 870 907 9009\n\n Contacts for other regions are available at\n\n http://www.nortelnetworks.com/help/contact/global/\n\n Or visit the eService portal at http://www.nortelnetworks.com/cs\n under Advanced Search. \n\n If you are a channel partner, more information can be found under\n\n http://www.nortelnetworks.com/pic\n\n under Advanced Search. \n\nNovell\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nObjective Systems Inc. \n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nOpenBSD\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nOpenwall GNU/*/Linux\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nRadVision\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nRed Hat Inc. \n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nOracle Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nRiverstone Networks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSecure Computing Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSecureWorks\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSequent\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSony Corporation\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nStonesoft\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSun Microsystems Inc. \n\n Sun SNMP does not provide support for H.323, so we are not\n vulnerable. And so far we have not found any bundled products that\n are affected by this vulnerability. We are also actively\n investigating our unbundled products to see if they are affected. \n Updates will be provided to this statement as they become\n available. \n\nSuSE Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nSymantec Corporation\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nUnisys\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nTandBerg\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nTumbleweed Communications Corp. \n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nTurboLinux\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nuniGone\n\n Please see the NISCC Vulnerability Advisory 006489/H323 at\n http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nWatchGuard\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nWirex\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nWind River Systems Inc. \n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nXerox\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n\nZyXEL\n\n No statement is currently available from the vendor regarding this\n vulnerability. \n _________________________________________________________________\n\n The CERT Coordination Center thanks the NISCC Vulnerability Management\n Team and the University of Oulu Security Programming Group (OUSPG) for\n coordinating the discovery and release of the technical details of\n this issue. \n _________________________________________________________________\n\n Feedback may be directed to the authors: Jeffrey S. Havrilla, Mindi J. \n McDowell, Shawn V. Hernan and Jason A. Rafail\n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/advisories/CA-2004-01.html\n ______________________________________________________________________\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\nUsing encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\nGetting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n ______________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright 2004 Carnegie Mellon University. \n\n Revision History\nJanuary 13, 2004: Initial release\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBQASK7JZ2NNT/dVAVAQG65wP8C7DyEvZGz0HqXtRqk+PAjjpMqex1hdjT\nBfkT6oHMhTWIdvUE1mpAwnV7OPL+N+UugCC0bAEXQzBy/YkBBOptt7IZdIeOlInh\nAP0RO5zqt0GqMIrdW7P14iWBX2lLCQaMUgWNyvK4ZTNE9UzpOgBk2JonfBLjbH77\nKeVgAqcfP2M=\n=p0GQ\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200404-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Multiple Vulnerabilities in pwlib\n\n Date: April 09, 2004\n Bugs: #45846\n ID: 200404-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilites have been found in pwlib that may lead to a\nremote denial of service or buffer overflow attack. \n\nBackground\n==========\n\npwlib is a multi-platform library designed for OpenH323. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n dev-libs/pwlib \u003c= 1.5.2-r2 \u003e= 1.5.2-r3\n\nDescription\n===========\n\nMultiple vulnerabilities have been found in the implimentation of\nprotocol H.323 contained in pwlib. Most of the vulnerabilies are in the\nparsing of ASN.1 elements which would allow an attacker to use a\nmaliciously crafted ASN.1 element to cause unpredictable behavior in\npwlib. \n\nWorkaround\n==========\n\nBlocking ports 1719 and 1720 may reduce the likelihood of an attack. \nAll users are advised to upgrade to the latest version of the affected\npackage. \n\nResolution\n==========\n\nAll pwlib users are advised to upgrade to version 1.5.2-r3 or later:\n\n # emerge sync\n\n # emerge -pv \"\u003e=dev-libs/pwlib-1.5.2-r3\"\n # emerge \"\u003e=dev-libs/pwlib-1.5.2-r3\"\n\nReferences\n==========\n\n [ 1 ] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0097\n [ 2 ] http://www.uniras.gov.uk/vuls/2004/006489/h323.htm\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200404-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2004 Gentoo Technologies, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/1.0\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0097"
},
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000012"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "PACKETSTORM",
"id": "33050"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#749342",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2004-0097",
"trust": 2.8
},
{
"db": "BID",
"id": "9406",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "10869",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1008846",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000012",
"trust": 0.8
},
{
"db": "XF",
"id": "15202",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:803",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:10056",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:826",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-448",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2004:047",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2004-01",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200403-046",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "32511",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "33050",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000012"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "PACKETSTORM",
"id": "33050"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-046"
},
{
"db": "NVD",
"id": "CVE-2004-0097"
}
]
},
"id": "VAR-200403-0035",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.45567543
},
"last_update_date": "2025-04-03T22:11:06.039000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DSA-448",
"trust": 0.8,
"url": "http://www.debian.org/security/2004/dsa-448"
},
{
"title": "RHSA-2004:048",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2004-048.html"
},
{
"title": "RHSA-2004:047",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2004-047.html"
},
{
"title": "RHSA-2004:047",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2004-047J.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000012"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0097"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.cert.org/advisories/ca-2004-01.html"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/9406"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/749342"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2004-047.html"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2004/dsa-448"
},
{
"trust": 1.3,
"url": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a826"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a803"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15202"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10056"
},
{
"trust": 0.8,
"url": "http://www.itu.int/itudoc/itu-t/rec/h/h225-0.html"
},
{
"trust": 0.8,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/h2250v4/index.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0097"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20040113-00387.xml"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr040301.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr040501.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2004/wr040901.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-006489/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2004-01"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2004-01/"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0097"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20040113-00387.pdf"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/10869/"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/alerts/2004/jan/1008846.html"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/voip_vul160.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20040114_112014.html"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/15202"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:10056"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:826"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:803"
},
{
"trust": 0.4,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040113-h323.shtml"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/alerts/h323.html"
},
{
"trust": 0.3,
"url": "http://support.fvc.com/eng/docs/misc_docs/h.323_security_bulletin.pdf"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/h323_hf.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101429-1\u0026searchclause="
},
{
"trust": 0.3,
"url": "http://support.avaya.com/japple/css/japple?temp.groupid=128450\u0026temp.selectedfamily=128451\u0026temp.selectedproduct=154235\u0026temp.selectedbucket=126655\u0026temp.feedbackstate=askforfeedback\u0026temp.documentid=15871"
},
{
"trust": 0.1,
"url": "http://www.cert.org/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/749342#systems\u003e)."
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/bulletin/ms04-001.asp"
},
{
"trust": 0.1,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "http://www.nortelnetworks.com/help/contact/global/"
},
{
"trust": 0.1,
"url": "http://www.nortelnetworks.com/cs"
},
{
"trust": 0.1,
"url": "http://www.nortelnetworks.com/pic"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0097"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200404-11.xml"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0097"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/1.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000012"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "PACKETSTORM",
"id": "33050"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-046"
},
{
"db": "NVD",
"id": "CVE-2004-0097"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#749342"
},
{
"db": "BID",
"id": "9406"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000012"
},
{
"db": "PACKETSTORM",
"id": "32511"
},
{
"db": "PACKETSTORM",
"id": "33050"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-046"
},
{
"db": "NVD",
"id": "CVE-2004-0097"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-01-13T00:00:00",
"db": "CERT/CC",
"id": "VU#749342"
},
{
"date": "2004-01-13T00:00:00",
"db": "BID",
"id": "9406"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000012"
},
{
"date": "2004-01-14T18:44:00",
"db": "PACKETSTORM",
"id": "32511"
},
{
"date": "2004-04-09T12:06:00",
"db": "PACKETSTORM",
"id": "33050"
},
{
"date": "2004-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200403-046"
},
{
"date": "2004-03-03T05:00:00",
"db": "NVD",
"id": "CVE-2004-0097"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-07-29T00:00:00",
"db": "CERT/CC",
"id": "VU#749342"
},
{
"date": "2007-11-15T00:39:00",
"db": "BID",
"id": "9406"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000012"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200403-046"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2004-0097"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200403-046"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in H.323 implementations",
"sources": [
{
"db": "CERT/CC",
"id": "VU#749342"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "9406"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-046"
}
],
"trust": 0.9
}
}
VAR-200512-0640
Vulnerability from variot - Updated: 2025-04-03 22:10The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Note that some other DNS packet processing systems have the issues related to this vulnerability. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. This issue arises when an affected application handles a specially crafted DNS message. A successful attack would crash the affected client or server.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Cisco Various Products Compressed DNS Messages Denial of Service
SECUNIA ADVISORY ID: SA15472
VERIFY ADVISORY: http://secunia.com/advisories/15472/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Cisco ATA 180 Series Analog Telephone Adaptors http://secunia.com/product/2810/
SOFTWARE: Cisco IP Phone 7900 Series http://secunia.com/product/2809/ Cisco ACNS Software Version 5.x http://secunia.com/product/2268/ Cisco ACNS Software Version 4.x http://secunia.com/product/2269/ Cisco Unity Express 2.x http://secunia.com/product/5151/
DESCRIPTION: A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).
Successful exploitation crashes a vulnerable device or causes it to function abnormally.
The vulnerability affects the following products: * Cisco IP Phones 7902/7905/7912 * Cisco ATA (Analog Telephone Adaptor) 186/188 * Cisco Unity Express
The following Cisco ACNS (Application and Content Networking System) devices are also affected: * Cisco 500 Series Content Engines * Cisco 7300 Series Content Engines * Cisco Content Routers 4400 series * Cisco Content Distribution Manager 4600 series * Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and 3800 series Integrated Service Routers.
SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software
PROVIDED AND/OR DISCOVERED BY: NISCC credits Dr. Steve Beaty.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
NISCC: http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0640",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.10.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.10"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.6"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.5.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.4.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.3.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.3.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.9.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.8.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.8.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.8.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.7.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.7.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.0,
"vendor": "etl",
"version": "5.9"
},
{
"model": "delegate",
"scope": "lte",
"trust": 1.0,
"vendor": "delegate",
"version": "8.10.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.0,
"vendor": "delegate",
"version": "5.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.0,
"vendor": "etl",
"version": "6.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.9,
"vendor": "delegate",
"version": "8.10.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ethereal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tcpdump",
"version": null
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.8,
"vendor": "delegate",
"version": "8.10.2 and eariler"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.16"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.15"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.8"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.10"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.9"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.8"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.7"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.6"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.5"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.0"
},
{
"model": "unity express",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(1)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(2)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1)"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79120"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7902"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.1"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.0"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3700"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7325"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73203.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73202.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5903.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5902.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "565"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5603.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5602.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "510"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5073.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5072.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "ata-188",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ata-186",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.13.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.11.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.17.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.5"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.11"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "powerdns",
"scope": "ne",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.17"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.18"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11.1"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.6"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.5"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.4"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.3"
},
{
"model": "subscriber edge services manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(2)"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.3"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.15"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:delegate:delegate",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Dr. Steve Beaty from the Department of Mathematical and Computer Sciences at the Metropolitan State College of Denver.",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
}
],
"trust": 0.9
},
"cve": "CVE-2005-0036",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-0036",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-0036",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#23495",
"trust": 0.8,
"value": "41.92"
},
{
"author": "NVD",
"id": "CVE-2005-0036",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-967",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2005-0036",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Note that some other DNS packet processing systems have the issues related to this vulnerability. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. \nThis issue arises when an affected application handles a specially crafted DNS message. \nA successful attack would crash the affected client or server. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products Compressed DNS Messages Denial of Service\n\nSECUNIA ADVISORY ID:\nSA15472\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15472/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco ATA 180 Series Analog Telephone Adaptors\nhttp://secunia.com/product/2810/\n\nSOFTWARE:\nCisco IP Phone 7900 Series\nhttp://secunia.com/product/2809/\nCisco ACNS Software Version 5.x\nhttp://secunia.com/product/2268/\nCisco ACNS Software Version 4.x\nhttp://secunia.com/product/2269/\nCisco Unity Express 2.x\nhttp://secunia.com/product/5151/\n\nDESCRIPTION:\nA vulnerability has been reported in various Cisco products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nSuccessful exploitation crashes a vulnerable device or causes it to\nfunction abnormally. \n\nThe vulnerability affects the following products:\n* Cisco IP Phones 7902/7905/7912\n* Cisco ATA (Analog Telephone Adaptor) 186/188\n* Cisco Unity Express\n\nThe following Cisco ACNS (Application and Content Networking System)\ndevices are also affected:\n* Cisco 500 Series Content Engines\n* Cisco 7300 Series Content Engines\n* Cisco Content Routers 4400 series\n* Cisco Content Distribution Manager 4600 series\n* Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and\n3800 series Integrated Service Routers. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nNISCC credits Dr. Steve Beaty. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml\n\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0036"
},
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"db": "PACKETSTORM",
"id": "37713"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "13729",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2005-0036",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "25291",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "15472",
"trust": 0.9
},
{
"db": "SECTRACK",
"id": "1014043",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014044",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014045",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014046",
"trust": 0.8
},
{
"db": "BID",
"id": "1165",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#23495",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2005-0036",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37713",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"id": "VAR-200512-0640",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3638431
},
"last_update_date": "2025-04-03T22:10:46.632000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.delegate.org/delegate/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.securityfocus.com/bid/13729"
},
{
"trust": 2.9,
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
},
{
"trust": 1.7,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/25291"
},
{
"trust": 1.2,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15472/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/1165"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/l-015.shtml"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014046"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014045"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014044"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014043"
},
{
"trust": 0.8,
"url": "http://www.ethereal.com"
},
{
"trust": 0.8,
"url": "http://www.tcpdump.org"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0036"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20050524-00432.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2005/0610"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-589088/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0036"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20050524-00432.pdf?lang=en"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=9258"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2810/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5151/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2268/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2269/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2809/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2005-12-31T00:00:00",
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"date": "2005-05-24T00:00:00",
"db": "BID",
"id": "13729"
},
{
"date": "2008-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37713"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-15T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "13729"
},
{
"date": "2008-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"date": "2010-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries",
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
}
],
"trust": 0.9
}
}
VAR-200512-0860
Vulnerability from variot - Updated: 2025-04-03 22:10Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. This issue arises when an affected application handles a specially crafted DNS message. A successful attack would crash the affected client or server.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Cisco Various Products Compressed DNS Messages Denial of Service
SECUNIA ADVISORY ID: SA15472
VERIFY ADVISORY: http://secunia.com/advisories/15472/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Cisco ATA 180 Series Analog Telephone Adaptors http://secunia.com/product/2810/
SOFTWARE: Cisco IP Phone 7900 Series http://secunia.com/product/2809/ Cisco ACNS Software Version 5.x http://secunia.com/product/2268/ Cisco ACNS Software Version 4.x http://secunia.com/product/2269/ Cisco Unity Express 2.x http://secunia.com/product/5151/
DESCRIPTION: A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the DNS implementation during the decompression of compressed DNS messages and can be exploited via a specially crafted DNS packet containing invalid information in the compressed section.
Successful exploitation crashes a vulnerable device or causes it to function abnormally.
The vulnerability affects the following products: * Cisco IP Phones 7902/7905/7912 * Cisco ATA (Analog Telephone Adaptor) 186/188 * Cisco Unity Express
The following Cisco ACNS (Application and Content Networking System) devices are also affected: * Cisco 500 Series Content Engines * Cisco 7300 Series Content Engines * Cisco Content Routers 4400 series * Cisco Content Distribution Manager 4600 series * Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and 3800 series Integrated Service Routers.
SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software
PROVIDED AND/OR DISCOVERED BY: NISCC credits Dr. Steve Beaty.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
NISCC: http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0860",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ata",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "188"
},
{
"model": "ata",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "186"
},
{
"model": "ip phone 7902",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ip phone 7905",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unity express",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "application and content networking software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ip phone 7912",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unity express",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ethereal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tcpdump",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "subscriber edge services manager",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone 7902",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "application and content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone 7905",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone 7912",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.16"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.15"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.8"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.10"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.9"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.8"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.7"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.6"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.5"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.6"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.5.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.4.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.3.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.3.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.9.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.7.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.7.0"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(1)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(2)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1)"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79120"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7902"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.1"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.0"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3700"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7325"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73203.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73202.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5903.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5902.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "565"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5603.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5602.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "510"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5073.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5072.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "ata-188",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ata-186",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.13.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.11.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.17.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.5"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.11"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "powerdns",
"scope": "ne",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.17"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.18"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11.1"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.6"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.5"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.4"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.3"
},
{
"model": "subscriber edge services manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(2)"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.3"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.15"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Dr. Steve Beaty from the Department of Mathematical and Computer Sciences at the Metropolitan State College of Denver.",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
}
],
"trust": 0.9
},
"cve": "CVE-2005-4794",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-4794",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-16002",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-4794",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#23495",
"trust": 0.8,
"value": "41.92"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-642",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-16002",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULHUB",
"id": "VHN-16002"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. \nThis issue arises when an affected application handles a specially crafted DNS message. \nA successful attack would crash the affected client or server. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products Compressed DNS Messages Denial of Service\n\nSECUNIA ADVISORY ID:\nSA15472\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15472/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco ATA 180 Series Analog Telephone Adaptors\nhttp://secunia.com/product/2810/\n\nSOFTWARE:\nCisco IP Phone 7900 Series\nhttp://secunia.com/product/2809/\nCisco ACNS Software Version 5.x\nhttp://secunia.com/product/2268/\nCisco ACNS Software Version 4.x\nhttp://secunia.com/product/2269/\nCisco Unity Express 2.x\nhttp://secunia.com/product/5151/\n\nDESCRIPTION:\nA vulnerability has been reported in various Cisco products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nThe vulnerability is caused due to an error in the DNS implementation\nduring the decompression of compressed DNS messages and can be\nexploited via a specially crafted DNS packet containing invalid\ninformation in the compressed section. \n\nSuccessful exploitation crashes a vulnerable device or causes it to\nfunction abnormally. \n\nThe vulnerability affects the following products:\n* Cisco IP Phones 7902/7905/7912\n* Cisco ATA (Analog Telephone Adaptor) 186/188\n* Cisco Unity Express\n\nThe following Cisco ACNS (Application and Content Networking System)\ndevices are also affected:\n* Cisco 500 Series Content Engines\n* Cisco 7300 Series Content Engines\n* Cisco Content Routers 4400 series\n* Cisco Content Distribution Manager 4600 series\n* Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and\n3800 series Integrated Service Routers. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nNISCC credits Dr. Steve Beaty. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml\n\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4794"
},
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "VULHUB",
"id": "VHN-16002"
},
{
"db": "PACKETSTORM",
"id": "37713"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "13729",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "15472",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1014043",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1014044",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1014045",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1014046",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2005-4794",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1015975",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "19003",
"trust": 1.7
},
{
"db": "BID",
"id": "1165",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#23495",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20050524 CRAFTED DNS PACKET CAN CAUSE DENIAL OF SERVICE",
"trust": 0.6
},
{
"db": "XF",
"id": "20712",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-16002",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37713",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULHUB",
"id": "VHN-16002"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"id": "VAR-200512-0860",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-16002"
}
],
"trust": 0.6152548999999999
},
"last_update_date": "2025-04-03T22:10:46.565000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
},
{
"trust": 2.9,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/13729"
},
{
"trust": 1.7,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/19003"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1014043"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1014044"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1014045"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1014046"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015975"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/15472"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20712"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15472/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/1165"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/l-015.shtml"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014046"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014045"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014044"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014043"
},
{
"trust": 0.8,
"url": "http://www.ethereal.com"
},
{
"trust": 0.8,
"url": "http://www.tcpdump.org"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/20712"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2810/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5151/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2268/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2269/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2809/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULHUB",
"id": "VHN-16002"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULHUB",
"id": "VHN-16002"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2005-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-16002"
},
{
"date": "2005-05-24T00:00:00",
"db": "BID",
"id": "13729"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37713"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-15T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-16002"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "13729"
},
{
"date": "2006-05-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries",
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
}
],
"trust": 0.9
}
}
VAR-200512-0641
Vulnerability from variot - Updated: 2025-04-03 22:10The DNS implementation of DNRD before 2.10 allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. This issue arises when an affected application handles a specially crafted DNS message. A successful attack would crash the affected client or server.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Cisco Various Products Compressed DNS Messages Denial of Service
SECUNIA ADVISORY ID: SA15472
VERIFY ADVISORY: http://secunia.com/advisories/15472/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Cisco ATA 180 Series Analog Telephone Adaptors http://secunia.com/product/2810/
SOFTWARE: Cisco IP Phone 7900 Series http://secunia.com/product/2809/ Cisco ACNS Software Version 5.x http://secunia.com/product/2268/ Cisco ACNS Software Version 4.x http://secunia.com/product/2269/ Cisco Unity Express 2.x http://secunia.com/product/5151/
DESCRIPTION: A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the DNS implementation during the decompression of compressed DNS messages and can be exploited via a specially crafted DNS packet containing invalid information in the compressed section.
Successful exploitation crashes a vulnerable device or causes it to function abnormally.
The vulnerability affects the following products: * Cisco IP Phones 7902/7905/7912 * Cisco ATA (Analog Telephone Adaptor) 186/188 * Cisco Unity Express
The following Cisco ACNS (Application and Content Networking System) devices are also affected: * Cisco 500 Series Content Engines * Cisco 7300 Series Content Engines * Cisco Content Routers 4400 series * Cisco Content Distribution Manager 4600 series * Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and 3800 series Integrated Service Routers.
SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software
PROVIDED AND/OR DISCOVERED BY: NISCC credits Dr. Steve Beaty.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
NISCC: http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0641",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.9"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.8"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.7"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.6"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.5"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ethereal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tcpdump",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.16"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.15"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.8"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.10"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.6"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.5.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.4.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.3.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.3.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.9.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.7.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.7.0"
},
{
"model": "unity express",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(1)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(2)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1)"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79120"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7902"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.1"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.0"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3700"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7325"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73203.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73202.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5903.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5902.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "565"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5603.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5602.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "510"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5073.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5072.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "ata-188",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ata-186",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.13.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.11.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.17.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.5"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.11"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "powerdns",
"scope": "ne",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.17"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.18"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11.1"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.6"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.5"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.4"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.3"
},
{
"model": "subscriber edge services manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(2)"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.3"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.15"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Dr. Steve Beaty from the Department of Mathematical and Computer Sciences at the Metropolitan State College of Denver.",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
}
],
"trust": 0.9
},
"cve": "CVE-2005-0037",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-0037",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-0037",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#23495",
"trust": 0.8,
"value": "41.92"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-731",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DNS implementation of DNRD before 2.10 allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. \nThis issue arises when an affected application handles a specially crafted DNS message. \nA successful attack would crash the affected client or server. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products Compressed DNS Messages Denial of Service\n\nSECUNIA ADVISORY ID:\nSA15472\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15472/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco ATA 180 Series Analog Telephone Adaptors\nhttp://secunia.com/product/2810/\n\nSOFTWARE:\nCisco IP Phone 7900 Series\nhttp://secunia.com/product/2809/\nCisco ACNS Software Version 5.x\nhttp://secunia.com/product/2268/\nCisco ACNS Software Version 4.x\nhttp://secunia.com/product/2269/\nCisco Unity Express 2.x\nhttp://secunia.com/product/5151/\n\nDESCRIPTION:\nA vulnerability has been reported in various Cisco products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nThe vulnerability is caused due to an error in the DNS implementation\nduring the decompression of compressed DNS messages and can be\nexploited via a specially crafted DNS packet containing invalid\ninformation in the compressed section. \n\nSuccessful exploitation crashes a vulnerable device or causes it to\nfunction abnormally. \n\nThe vulnerability affects the following products:\n* Cisco IP Phones 7902/7905/7912\n* Cisco ATA (Analog Telephone Adaptor) 186/188\n* Cisco Unity Express\n\nThe following Cisco ACNS (Application and Content Networking System)\ndevices are also affected:\n* Cisco 500 Series Content Engines\n* Cisco 7300 Series Content Engines\n* Cisco Content Routers 4400 series\n* Cisco Content Distribution Manager 4600 series\n* Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and\n3800 series Integrated Service Routers. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nNISCC credits Dr. Steve Beaty. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml\n\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0037"
},
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "13729",
"trust": 2.7
},
{
"db": "NVD",
"id": "CVE-2005-0037",
"trust": 1.9
},
{
"db": "OSVDB",
"id": "25291",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "15472",
"trust": 0.9
},
{
"db": "SECTRACK",
"id": "1014043",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014044",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014045",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014046",
"trust": 0.8
},
{
"db": "BID",
"id": "1165",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#23495",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "37713",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"id": "VAR-200512-0641",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3638431
},
"last_update_date": "2025-04-03T22:10:46.533000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/13729"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/25291"
},
{
"trust": 1.6,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"trust": 1.2,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15472/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/1165"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/l-015.shtml"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014046"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014045"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014044"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014043"
},
{
"trust": 0.8,
"url": "http://www.ethereal.com"
},
{
"trust": 0.8,
"url": "http://www.tcpdump.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2810/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5151/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2268/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2269/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2809/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2005-05-24T00:00:00",
"db": "BID",
"id": "13729"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37713"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-15T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "13729"
},
{
"date": "2010-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries",
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
}
],
"trust": 0.9
}
}
VAR-200512-0639
Vulnerability from variot - Updated: 2025-04-03 22:10The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. This issue arises when an affected application handles a specially crafted DNS message. A successful attack would crash the affected client or server.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Cisco Various Products Compressed DNS Messages Denial of Service
SECUNIA ADVISORY ID: SA15472
VERIFY ADVISORY: http://secunia.com/advisories/15472/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Cisco ATA 180 Series Analog Telephone Adaptors http://secunia.com/product/2810/
SOFTWARE: Cisco IP Phone 7900 Series http://secunia.com/product/2809/ Cisco ACNS Software Version 5.x http://secunia.com/product/2268/ Cisco ACNS Software Version 4.x http://secunia.com/product/2269/ Cisco Unity Express 2.x http://secunia.com/product/5151/
DESCRIPTION: A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the DNS implementation during the decompression of compressed DNS messages and can be exploited via a specially crafted DNS packet containing invalid information in the compressed section.
Successful exploitation crashes a vulnerable device or causes it to function abnormally.
The vulnerability affects the following products: * Cisco IP Phones 7902/7905/7912 * Cisco ATA (Analog Telephone Adaptor) 186/188 * Cisco Unity Express
The following Cisco ACNS (Application and Content Networking System) devices are also affected: * Cisco 500 Series Content Engines * Cisco 7300 Series Content Engines * Cisco Content Routers 4400 series * Cisco Content Distribution Manager 4600 series * Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and 3800 series Integrated Service Routers.
SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software
PROVIDED AND/OR DISCOVERED BY: NISCC credits Dr. Steve Beaty.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
NISCC: http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0639",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "powerdns",
"scope": "eq",
"trust": 1.9,
"vendor": "powerdns",
"version": "2.9.15"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.4"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.5"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.6"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.14"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.8"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.3a"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.7"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.2"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.3,
"vendor": "powerdns",
"version": "2.8"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.12"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.0_rc1"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.13"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.10"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.11"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.0"
},
{
"model": "powerdns",
"scope": "lte",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.16"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.1"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.9,
"vendor": "powerdns",
"version": "2.9.16"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ethereal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tcpdump",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.10"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.9"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.8"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.7"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.6"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.5"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.6"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.5.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.4.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.3.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.3.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.9.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.7.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.7.0"
},
{
"model": "unity express",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(1)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(2)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1)"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79120"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7902"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.1"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.0"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3700"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7325"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73203.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73202.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5903.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5902.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "565"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5603.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5602.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "510"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5073.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5072.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "ata-188",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ata-186",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.13.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.11.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.17.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.5"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.11"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "powerdns",
"scope": "ne",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.17"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.18"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11.1"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.6"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.5"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.4"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.3"
},
{
"model": "subscriber edge services manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(2)"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.3"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.15"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Dr. Steve Beaty from the Department of Mathematical and Computer Sciences at the Metropolitan State College of Denver.",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
}
],
"trust": 0.9
},
"cve": "CVE-2005-0038",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-0038",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-0038",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#23495",
"trust": 0.8,
"value": "41.92"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-776",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. \nThis issue arises when an affected application handles a specially crafted DNS message. \nA successful attack would crash the affected client or server. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products Compressed DNS Messages Denial of Service\n\nSECUNIA ADVISORY ID:\nSA15472\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15472/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco ATA 180 Series Analog Telephone Adaptors\nhttp://secunia.com/product/2810/\n\nSOFTWARE:\nCisco IP Phone 7900 Series\nhttp://secunia.com/product/2809/\nCisco ACNS Software Version 5.x\nhttp://secunia.com/product/2268/\nCisco ACNS Software Version 4.x\nhttp://secunia.com/product/2269/\nCisco Unity Express 2.x\nhttp://secunia.com/product/5151/\n\nDESCRIPTION:\nA vulnerability has been reported in various Cisco products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nThe vulnerability is caused due to an error in the DNS implementation\nduring the decompression of compressed DNS messages and can be\nexploited via a specially crafted DNS packet containing invalid\ninformation in the compressed section. \n\nSuccessful exploitation crashes a vulnerable device or causes it to\nfunction abnormally. \n\nThe vulnerability affects the following products:\n* Cisco IP Phones 7902/7905/7912\n* Cisco ATA (Analog Telephone Adaptor) 186/188\n* Cisco Unity Express\n\nThe following Cisco ACNS (Application and Content Networking System)\ndevices are also affected:\n* Cisco 500 Series Content Engines\n* Cisco 7300 Series Content Engines\n* Cisco Content Routers 4400 series\n* Cisco Content Distribution Manager 4600 series\n* Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and\n3800 series Integrated Service Routers. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nNISCC credits Dr. Steve Beaty. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml\n\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0038"
},
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "13729",
"trust": 2.7
},
{
"db": "NVD",
"id": "CVE-2005-0038",
"trust": 1.9
},
{
"db": "OSVDB",
"id": "25291",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "15472",
"trust": 0.9
},
{
"db": "SECTRACK",
"id": "1014043",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014044",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014045",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014046",
"trust": 0.8
},
{
"db": "BID",
"id": "1165",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#23495",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "37713",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"id": "VAR-200512-0639",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3638431
},
"last_update_date": "2025-04-03T22:10:46.501000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/13729"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/25291"
},
{
"trust": 1.6,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"trust": 1.2,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15472/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/1165"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/l-015.shtml"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014046"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014045"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014044"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014043"
},
{
"trust": 0.8,
"url": "http://www.ethereal.com"
},
{
"trust": 0.8,
"url": "http://www.tcpdump.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2810/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5151/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2268/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2269/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2809/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2005-05-24T00:00:00",
"db": "BID",
"id": "13729"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37713"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-15T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "13729"
},
{
"date": "2010-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries",
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
}
],
"trust": 0.9
}
}
CVE-2002-0769 (GCVE-0-2002-0769)
Vulnerability from nvd – Published: 2002-07-26 04:00 – Updated: 2024-08-08 03:03
VLAI?
Summary
The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4711",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4711"
},
{
"name": "cisco-ata-reveal-info(9056)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9056.php"
},
{
"name": "20020523 ATA-186 Password Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml"
},
{
"name": "cisco-ata-bypass-auth(9057)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9057.php"
},
{
"name": "4712",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4712"
},
{
"name": "20020509 Cisco ATA-186 admin password can be trivially circumvented",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-07-31T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4711",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4711"
},
{
"name": "cisco-ata-reveal-info(9056)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9056.php"
},
{
"name": "20020523 ATA-186 Password Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml"
},
{
"name": "cisco-ata-bypass-auth(9057)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9057.php"
},
{
"name": "4712",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4712"
},
{
"name": "20020509 Cisco ATA-186 admin password can be trivially circumvented",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4711",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4711"
},
{
"name": "cisco-ata-reveal-info(9056)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9056.php"
},
{
"name": "20020523 ATA-186 Password Disclosure Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml"
},
{
"name": "cisco-ata-bypass-auth(9057)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9057.php"
},
{
"name": "4712",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4712"
},
{
"name": "20020509 Cisco ATA-186 admin password can be trivially circumvented",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0769",
"datePublished": "2002-07-26T04:00:00",
"dateReserved": "2002-07-25T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0769 (GCVE-0-2002-0769)
Vulnerability from cvelistv5 – Published: 2002-07-26 04:00 – Updated: 2024-08-08 03:03
VLAI?
Summary
The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4711",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4711"
},
{
"name": "cisco-ata-reveal-info(9056)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9056.php"
},
{
"name": "20020523 ATA-186 Password Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml"
},
{
"name": "cisco-ata-bypass-auth(9057)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9057.php"
},
{
"name": "4712",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4712"
},
{
"name": "20020509 Cisco ATA-186 admin password can be trivially circumvented",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-07-31T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4711",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4711"
},
{
"name": "cisco-ata-reveal-info(9056)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9056.php"
},
{
"name": "20020523 ATA-186 Password Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml"
},
{
"name": "cisco-ata-bypass-auth(9057)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9057.php"
},
{
"name": "4712",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4712"
},
{
"name": "20020509 Cisco ATA-186 admin password can be trivially circumvented",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4711",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4711"
},
{
"name": "cisco-ata-reveal-info(9056)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9056.php"
},
{
"name": "20020523 ATA-186 Password Disclosure Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml"
},
{
"name": "cisco-ata-bypass-auth(9057)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9057.php"
},
{
"name": "4712",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4712"
},
{
"name": "20020509 Cisco ATA-186 admin password can be trivially circumvented",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0769",
"datePublished": "2002-07-26T04:00:00",
"dateReserved": "2002-07-25T00:00:00",
"dateUpdated": "2024-08-08T03:03:49.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}