Check Point Advisories

Security Best Practice: MGCP Protocol Enforcement

Check Point Reference: SBP-2006-16
Date Published: 16 Jul 2006
Severity: Medium
Last Updated: Sunday 01 January, 2006
Source: SmartDefense Research Center
Protection Provided by:
Who is Vulnerable? MGCP servers
Vulnerability Description MGCP is an implementation of the Media Gateway Control Protocol architecture[1] for controlling Media Gateways on Internet Protocol (IP) networks and the public switched telephone network (PSTN).
MGCP is a signaling and call control protocol used within Voice over IP (VoIP) systems that typically interoperate with the public switched telephone network (PSTN).
MGCP uses the Session Description Protocol (SDP) for specifying and negotiating the media streams to be transmitted in a call session and the Real-time Transport Protocol (RTP) for framing of the media streams.
Vulnerability DetailsIf there are illegal characters in an MGCP message header the message may be incorrectly parsed, the parser may crash, the message may be incorrectly handled, and there may be Denial of Service.
 
If an MGCP server is flooded with requests that use commands the server does not support, the server may be overloaded. This could affect customer's service levels.

RFC 3350 section 14 states "RTP may be sent via IP multicast, which provides no direct means for a sender to know all the receivers of the data sent and therefore no measure of privacy. Rightly or not, users may be more sensitive to privacy concerns with audio and video communication than they have been with more traditional forms of network communication".

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK