CVE-2002-1906
Description
Polycom ViaVideo web server DoS via incomplete HTTP requests leaving connections open, causing CPU exhaustion.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The web server in Polycom ViaVideo versions 2.2 and 3.0 is vulnerable to a denial of service. By sending incomplete HTTP requests and leaving the connections open, an attacker can cause excessive CPU consumption on the server. The bug lies in the server's handling of connection state; it does not properly close or time out connections that do not complete the HTTP request, leading to resource exhaustion.
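The control the paragraph above says is missing, a bound on how long a connection may stay open without delivering a complete request, is shown here as an added example (not Polycom's code and not part of the CVE record). The function names, the 5-second deadline and the 8 KiB head limit are assumptions chosen for illustration.

```python
import socket
import time

HEAD_END = b"\r\n\r\n"  # blank line that terminates an HTTP request head


class IncompleteRequest(Exception):
    """Client did not deliver a full request head within the limits."""


def read_request_head(conn, deadline_s=5.0, max_bytes=8192):
    """Return the request head through CRLFCRLF, or raise IncompleteRequest.

    The deadline (assumed value) covers the whole head rather than each
    recv(), so a peer that trickles bytes cannot keep resetting the clock.
    """
    expires = time.monotonic() + deadline_s
    buf = bytearray()
    while HEAD_END not in buf:
        remaining = expires - time.monotonic()
        if remaining <= 0:
            raise IncompleteRequest("header deadline exceeded")
        if len(buf) >= max_bytes:
            raise IncompleteRequest("request head too large")
        conn.settimeout(remaining)
        try:
            chunk = conn.recv(min(1024, max_bytes - len(buf)))
        except socket.timeout:
            raise IncompleteRequest("header deadline exceeded") from None
        if not chunk:
            raise IncompleteRequest("peer closed before completing request")
        buf += chunk
    return bytes(buf[: buf.index(HEAD_END) + len(HEAD_END)])


def serve_one(conn, deadline_s=5.0):
    """Handle one connection and always release the socket afterwards."""
    try:
        read_request_head(conn, deadline_s)
        conn.sendall(b"HTTP/1.0 200 OK\r\nContent-Length: 0\r\n\r\n")
        return "served"
    except IncompleteRequest:
        return "dropped"  # connection state is freed instead of lingering
    finally:
        conn.close()
```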
Exploitation
An attacker only needs network access to the Polycom ViaVideo web server. No authentication or special privileges are required. The attacker sends multiple incomplete HTTP requests (e.g., by sending only a partial request line and never sending the terminating CRLF or additional headers) and keeps the connections open indefinitely. This can be done with a simple script or tool that opens TCP connections and sends partial data without ever completing the HTTP request.
Impact
Successful exploitation results in a denial of service condition. The web server's CPU resources are consumed by handling the open connections, potentially making the device unresponsive to legitimate requests. Since the Polycom ViaVideo is a video conferencing device, this could disrupt video calls and degrade availability.
Mitigation
No specific fix or workaround is mentioned in the available references. Polycom ViaVideo users should check with the vendor for updated firmware or security advisories. If no patch is available, limiting network access to the web server via firewall rules or disabling the web server if not needed may reduce exposure.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3
Patches
0
No patches discovered yet.
References
4
News mentions
0
No linked articles in our index yet.