Avaya Cajun P330, P130, and G700 Media Gateway packet denial of service
avaya-packet-dos (12356)
Description:
The Avaya Cajun P330 series switches and the Avaya G700 Media Gateway Library are vulnerable to a denial of service. By establishing a connection to a specific TCP or UDP port on the device and sending a malformed packet, a remote attacker can cause the device to reset, which would deny access to legitimate users.
Platforms Affected:
- Avaya, Cajun P130
- Avaya, Cajun P133
- Avaya, Cajun P330
- Avaya, Cajun P333
- Avaya, G700 Media Gateway 3.0
Remedy:
For Avaya Cajun P330:
Upgrade to the latest version of firmware (4.0 or later), available from the Avaya Support Web page. See References.
For G700 Media Gateway:
Upgrade to the latest version of firmware, when it becomes available from the Avaya Support Web page. See References.
— OR —
For Avaya Cajun P130 and G700 Media Gateway:
As a workaround, block inbound connections from untrusted sources through the firewall to the device.
Consequences:
Denial of Service
References:
- Avaya Security Advisories Web site, Avaya P330/P130 and G700 possible denial of service vulnerability at http://support.avaya.com/japple/css/japple?PAGE=avaya.css.OpenPage&temp.template.name=SecurityAdvisory.
- Avaya Support Web site, Avaya - Support Centre at http://support.avaya.com.
- BugTraq Mailing List, Wed Jun 18 2003 - 12:16:03 CDT, Denial of service in Cajun P13x/P33x switch family firmware 3.x at http://archives.neohapsis.com/archives/bugtraq/2003-06/0128.html.
- BID-7961: Avaya Cajun Network Switch Connection Stalling Denial Of Service Vulnerability
Reported:
Jun 17, 2003
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
