Vulnerabilities in H.323 implementations

2004-01-1300:00:00

vuxml.freebsd.org

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.225 Low

EPSS

Percentile

96.5%

JSON

The NISCC and the OUSPG
developed a test suite for the H.323 protocol. This test
suite has uncovered vulnerabilities in several H.323
implementations with impacts ranging from denial-of-service
to arbitrary code execution.
In the FreeBSD Ports Collection, pwlib' is directly affected. Other applications such as asterisk’ and
openh323' incorporate pwlib’ statically and so are also
independently affected.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchpwlib< 1.5.0_5UNKNOWN
FreeBSDanynoarchasterisk<= 0.7.2UNKNOWN
FreeBSDanynoarchopenh323< 1.12.0_4UNKNOWN