Vulnerability CVE-2004-0056


Published: 2004-02-17   Modified: 2012-02-12

Description:
Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Nortel -> Business communications manager 
Nortel -> 802.11 wireless ip gateway 
Nortel -> Succession communication server 1000 

 References:
http://www.kb.cert.org/vuls/id/749342
http://www.cert.org/advisories/CA-2004-01.html
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm
http://www.securitytracker.com/id?1008687
http://www.securityfocus.com/bid/9406

Copyright 2024, cxsecurity.com

 

Back to Top