First published: Thu Mar 17 2011(Updated: )
AST-2011-003 [1] describes a resrouce exhaustion flaw in the Asterisk Manager Interface. If manger connections were rapily opened, sent invalid data, then closed, it could cause Asterisk to exhaust available CPU and memory resources. The Manager Interface is disabled by default. Versions 1.6.2.x and 1.8.x are affected, and 1.6.2.17.1 and 1.8.3.1 have been released to correct this flaw. [1] <a href="http://downloads.asterisk.org/pub/security/AST-2011-003.pdf">http://downloads.asterisk.org/pub/security/AST-2011-003.pdf</a>
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Digium Asterisk | =1.6.1-beta2 | |
Digium Asterisk | =1.6.1.0-rc4 | |
Digium Asterisk | =1.6.1.8 | |
Digium Asterisk | =1.6.1.7-rc1 | |
Digium Asterisk | =1.6.1.5-rc1 | |
Digium Asterisk | =1.6.1.12 | |
Digium Asterisk | =1.6.1.0-rc5 | |
Digium Asterisk | =1.6.1.3-rc1 | |
Digium Asterisk | =1.6.1-beta4 | |
Digium Asterisk | =1.6.1.15-rc2 | |
Digium Asterisk | =1.6.1.18-rc1 | |
Digium Asterisk | =1.6.1.2 | |
Digium Asterisk | =1.6.1.19-rc2 | |
Digium Asterisk | =1.6.1.6 | |
Digium Asterisk | =1.6.1.5 | |
Digium Asterisk | =1.6.1.20-rc1 | |
Digium Asterisk | =1.6.1.0 | |
Digium Asterisk | =1.6.1.18-rc2 | |
Digium Asterisk | =1.6.1.14 | |
Digium Asterisk | =1.6.1.20-rc2 | |
Digium Asterisk | =1.6.1-rc1 | |
Digium Asterisk | =1.6.1.10-rc2 | |
Digium Asterisk | =1.6.1.19 | |
Digium Asterisk | =1.6.1.12-rc1 | |
Digium Asterisk | =1.6.1.22 | |
Digium Asterisk | =1.6.1.11 | |
Digium Asterisk | =1.6.1.10-rc3 | |
Digium Asterisk | =1.6.1 | |
Digium Asterisk | =1.6.1.20 | |
Digium Asterisk | =1.6.1.9 | |
Digium Asterisk | =1.6.1.19-rc3 | |
Digium Asterisk | =1.6.1.18 | |
Digium Asterisk | =1.6.1.17 | |
Digium Asterisk | =1.6.1-beta3 | |
Digium Asterisk | =1.6.1.4 | |
Digium Asterisk | =1.6.1.10 | |
Digium Asterisk | =1.6.1.16 | |
Digium Asterisk | =1.6.1.7-rc2 | |
Digium Asterisk | =1.6.1.23 | |
Digium Asterisk | =1.6.1.0-rc2 | |
Digium Asterisk | =1.6.1.21 | |
Digium Asterisk | =1.6.1.0-rc3 | |
Digium Asterisk | =1.6.1.10-rc1 | |
Digium Asterisk | =1.6.1.19-rc1 | |
Digium Asterisk | =1.6.1.13 | |
Digium Asterisk | =1.6.1.13-rc1 | |
Digium Asterisk | =1.6.1.1 | |
Digium Asterisk | =1.6.1-beta1 | |
Digium Asterisk | =1.6.2.0-rc3 | |
Digium Asterisk | =1.6.2.0-rc2 | |
Digium Asterisk | =1.6.2.1 | |
Digium Asterisk | =1.6.2.0-rc4 | |
Digium Asterisk | =1.6.2.4 | |
Digium Asterisk | =1.6.2.6 | |
Digium Asterisk | =1.6.2.0-rc5 | |
Digium Asterisk | =1.6.2.0-rc7 | |
Digium Asterisk | =1.6.2.16-rc1 | |
Digium Asterisk | =1.6.2.17-rc1 | |
Digium Asterisk | =1.6.2.1-rc1 | |
Digium Asterisk | =1.6.2.16 | |
Digium Asterisk | =1.6.2.15-rc1 | |
Digium Asterisk | =1.6.2.17 | |
Digium Asterisk | =1.6.2.6-rc1 | |
Digium Asterisk | =1.6.2.17.1 | |
Digium Asterisk | =1.6.2.2 | |
Digium Asterisk | =1.6.2.0-rc8 | |
Digium Asterisk | =1.6.2.3-rc2 | |
Digium Asterisk | =1.6.2.17-rc3 | |
Digium Asterisk | =1.6.2.16.1 | |
Digium Asterisk | =1.6.2.0 | |
Digium Asterisk | =1.6.2.17-rc2 | |
Digium Asterisk | =1.6.2.5 | |
Digium Asterisk | =1.6.2.0-rc6 | |
Digium Asterisk | =1.6.2.6-rc2 | |
Digium Asterisk | =1.8.3-rc3 | |
Digium Asterisk | =1.8.3 | |
Digium Asterisk | =1.8.0-beta2 | |
Digium Asterisk | =1.8.3-rc1 | |
Digium Asterisk | =1.8.1 | |
Digium Asterisk | =1.8.1.2 | |
Digium Asterisk | =1.8.0-beta4 | |
Digium Asterisk | =1.8.0-rc5 | |
Digium Asterisk | =1.8.3.1 | |
Digium Asterisk | =1.8.0-beta3 | |
Digium Asterisk | =1.8.0-beta5 | |
Digium Asterisk | =1.8.0-rc2 | |
Digium Asterisk | =1.8.3-rc2 | |
Digium Asterisk | =1.8.2.3 | |
Digium Asterisk | =1.8.2.1 | |
Digium Asterisk | =1.8.1-rc1 | |
Digium Asterisk | =1.8.0 | |
Digium Asterisk | =1.8.0-rc3 | |
Digium Asterisk | =1.8.1.1 | |
Digium Asterisk | =1.8.2 | |
Digium Asterisk | =1.8.2.2 | |
Digium Asterisk | =1.8.0-beta1 | |
Digium Asterisk | =1.8.0-rc4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.