Microsoft ISA Server 2000 H.323 Protocol Filter Vulnerability

Secunia Advisory: SA10611
Release Date: 2004-01-13
Last Update: 2004-01-14
Critical: Highly critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch
Software: Microsoft ISA Server 2000
CVE reference: CVE-2003-0819

Description: Microsoft Internet Security and Acceleration Server 2000 contains a vulnerability in the H.323 protocol implementation, which can be exploited by malicious people to cause a DoS (Denial of Service) or gain system access.
The vulnerability is caused by various errors in the processing of H.323 traffic over TCP, which allow malicious people to overflow a buffer. This can be exploited by sending specially crafted messages to an affected system (default port 1720/tcp).
Successful exploitation may allow a malicious person to execute arbitrary code or crash a vulnerable system.
The H.323 filter is enabled by default on systems running in integrated or firewall mode.
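
The advisory does not say which H.323 fields are mishandled. As an added illustration (not code from Microsoft, Secunia or the original advisory) of the length checks whose absence leads to this class of overflow, the C code below validates TPKT framing, the length-prefixed envelope that H.323 call signaling uses over TCP, before copying a message. The function names, the `MAX_MSG_LEN` cap and the sample bytes are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TPKT_HDR_LEN 4
#define MAX_MSG_LEN  2048  /* assumed local policy cap, not from the advisory */
enum frame_status { FRAME_OK, FRAME_NEED_MORE, FRAME_BAD_VERSION,
                    FRAME_BAD_LENGTH, FRAME_TOO_LARGE };

/* Validate one TPKT frame at in[0..in_len) and copy its payload to out.
 * Every length is checked before the copy; *payload_len is set on FRAME_OK. */
enum frame_status tpkt_read(const uint8_t *in, size_t in_len,
                            uint8_t *out, size_t out_cap, size_t *payload_len)
{
    if (in_len < TPKT_HDR_LEN) return FRAME_NEED_MORE;
    if (in[0] != 3) return FRAME_BAD_VERSION;          /* TPKT version is 3 */
    /* 16-bit big-endian length field, which INCLUDES the 4-byte header */
    size_t total = ((size_t)in[2] << 8) | in[3];
    if (total < TPKT_HDR_LEN) return FRAME_BAD_LENGTH; /* would underflow below */
    size_t body = total - TPKT_HDR_LEN;
    if (body > MAX_MSG_LEN || body > out_cap) return FRAME_TOO_LARGE;
    if (in_len < total) return FRAME_NEED_MORE;        /* claimed > received */
    memcpy(out, in + TPKT_HDR_LEN, body);
    *payload_len = body;
    return FRAME_OK;
}

/* Count well-formed frames in a stream; -(status) at the first bad one. */
int tpkt_count_frames(const uint8_t *in, size_t in_len)
{
    uint8_t msg[MAX_MSG_LEN];
    size_t off = 0, n = 0;
    int frames = 0;
    while (off < in_len) {
        enum frame_status st = tpkt_read(in + off, in_len - off, msg, sizeof msg, &n);
        if (st != FRAME_OK) return -(int)st;
        off += TPKT_HDR_LEN + n;
        frames++;
    }
    return frames;
}

int main(void)
{
    /* Constructed sample: two frames carrying placeholder payload bytes. */
    static const uint8_t sample[] = { 3,0,0,6, 0x08,0x02,  3,0,0,5, 0x08 };
    printf("frames=%d\n", tpkt_count_frames(sample, sizeof sample));
    return 0;
}
```

The same checks apply to any length field nested inside the payload: compare the claimed length against both the bytes actually received and the destination size before copying.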

Solution: Microsoft has issued a patch:
Microsoft Internet Security and Acceleration Server 2000
http://www.microsoft.com/downloads/de...-9ACB-4CD449D9599B&displaylang=en

Changelog: 2004-01-14: Added link to CERT advisory.

Original Advisory:
Microsoft:
http://www.microsoft.com/technet/security/bulletin/MS04-001.asp
NISCC:
http://www.uniras.gov.uk/vuls/2004/006489/h323.htm

Other References:
CERT advisory:
http://www.cert.org/advisories/CA-2004-01.html

Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.