PUBLISHED DATE: September 20, 2001CVE-2001-0546:
Denial of Service Vulnerability

Description

Memory leak in H.323 Gatekeeper Service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (resource exhaustion) via a large amount of malformed H.323 data.

Products

• Microsoft isa server 2000
• Microsoft isa_server 2000 fp1
• Microsoft isa_server 2000 sp1
• Microsoft isa_server 2000 sp2

Questions to Ask Vendors

1. Can you confirm whether your systems are affected by CVE-2001-0546, and if so, what steps are you currently taking to mitigate this vulnerability?
2. What is your estimated timeline for fully resolving CVE-2001-0546 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions

• Check out the advisory links provided below.

References

• https://nvd.nist.gov/vuln/detail/CVE-2001-0546