First published: Thu Mar 17 2011(Updated: )
AST-2011-004 [1] describes a remote crash vulnerability in the Asterisk TCP/TLS server. If a remote, unauthenticated, attacker were to rapidly open and close TCP connections to services using the ast_tcptls_* API, they could cause Asterisk to crash after dereferencing a NULL pointer. This flaw affects 1.6.2.x and 1.8.x, and is corrected in 1.6.2.17.1 and 1.8.3.1. [1] <a href="http://downloads.asterisk.org/pub/security/AST-2011-004.pdf">http://downloads.asterisk.org/pub/security/AST-2011-004.pdf</a>
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Digium Asterisk | =1.6.1-beta2 | |
Digium Asterisk | =1.6.1.0-rc4 | |
Digium Asterisk | =1.6.1.8 | |
Digium Asterisk | =1.6.1.7-rc1 | |
Digium Asterisk | =1.6.1.5-rc1 | |
Digium Asterisk | =1.6.1.12 | |
Digium Asterisk | =1.6.1.0-rc5 | |
Digium Asterisk | =1.6.1.3-rc1 | |
Digium Asterisk | =1.6.1-beta4 | |
Digium Asterisk | =1.6.1.15-rc2 | |
Digium Asterisk | =1.6.1.18-rc1 | |
Digium Asterisk | =1.6.1.2 | |
Digium Asterisk | =1.6.1.19-rc2 | |
Digium Asterisk | =1.6.1.6 | |
Digium Asterisk | =1.6.1.5 | |
Digium Asterisk | =1.6.1.20-rc1 | |
Digium Asterisk | =1.6.1.0 | |
Digium Asterisk | =1.6.1.18-rc2 | |
Digium Asterisk | =1.6.1.14 | |
Digium Asterisk | =1.6.1.20-rc2 | |
Digium Asterisk | =1.6.1-rc1 | |
Digium Asterisk | =1.6.1.10-rc2 | |
Digium Asterisk | =1.6.1.19 | |
Digium Asterisk | =1.6.1.12-rc1 | |
Digium Asterisk | =1.6.1.22 | |
Digium Asterisk | =1.6.1.11 | |
Digium Asterisk | =1.6.1.10-rc3 | |
Digium Asterisk | =1.6.1 | |
Digium Asterisk | =1.6.1.20 | |
Digium Asterisk | =1.6.1.9 | |
Digium Asterisk | =1.6.1.19-rc3 | |
Digium Asterisk | =1.6.1.18 | |
Digium Asterisk | =1.6.1.17 | |
Digium Asterisk | =1.6.1-beta3 | |
Digium Asterisk | =1.6.1.4 | |
Digium Asterisk | =1.6.1.10 | |
Digium Asterisk | =1.6.1.16 | |
Digium Asterisk | =1.6.1.7-rc2 | |
Digium Asterisk | =1.6.1.0-rc2 | |
Digium Asterisk | =1.6.1.21 | |
Digium Asterisk | =1.6.1.0-rc3 | |
Digium Asterisk | =1.6.1.10-rc1 | |
Digium Asterisk | =1.6.1.19-rc1 | |
Digium Asterisk | =1.6.1.13 | |
Digium Asterisk | =1.6.1.13-rc1 | |
Digium Asterisk | =1.6.1.1 | |
Digium Asterisk | =1.6.1-beta1 | |
Digium Asterisk | =1.6.2.0-rc3 | |
Digium Asterisk | =1.6.2.0-rc2 | |
Digium Asterisk | =1.6.2.1 | |
Digium Asterisk | =1.6.2.0-rc4 | |
Digium Asterisk | =1.6.2.4 | |
Digium Asterisk | =1.6.2.6 | |
Digium Asterisk | =1.6.2.0-rc5 | |
Digium Asterisk | =1.6.2.0-rc7 | |
Digium Asterisk | =1.6.2.16-rc1 | |
Digium Asterisk | =1.6.2.17-rc1 | |
Digium Asterisk | =1.6.2.1-rc1 | |
Digium Asterisk | =1.6.2.16 | |
Digium Asterisk | =1.6.2.15-rc1 | |
Digium Asterisk | =1.6.2.17 | |
Digium Asterisk | =1.6.2.6-rc1 | |
Digium Asterisk | =1.6.2.2 | |
Digium Asterisk | =1.6.2.0-rc8 | |
Digium Asterisk | =1.6.2.3-rc2 | |
Digium Asterisk | =1.6.2.17-rc3 | |
Digium Asterisk | =1.6.2.16.1 | |
Digium Asterisk | =1.6.2.0 | |
Digium Asterisk | =1.6.2.17-rc2 | |
Digium Asterisk | =1.6.2.5 | |
Digium Asterisk | =1.6.2.0-rc6 | |
Digium Asterisk | =1.6.2.6-rc2 | |
Digium Asterisk | =1.8.3-rc3 | |
Digium Asterisk | =1.8.3 | |
Digium Asterisk | =1.8.0-beta2 | |
Digium Asterisk | =1.8.3-rc1 | |
Digium Asterisk | =1.8.1 | |
Digium Asterisk | =1.8.1.2 | |
Digium Asterisk | =1.8.0-beta4 | |
Digium Asterisk | =1.8.0-rc5 | |
Digium Asterisk | =1.8.0-beta3 | |
Digium Asterisk | =1.8.0-beta5 | |
Digium Asterisk | =1.8.0-rc2 | |
Digium Asterisk | =1.8.3-rc2 | |
Digium Asterisk | =1.8.2.3 | |
Digium Asterisk | =1.8.2.1 | |
Digium Asterisk | =1.8.1-rc1 | |
Digium Asterisk | =1.8.0 | |
Digium Asterisk | =1.8.0-rc3 | |
Digium Asterisk | =1.8.1.1 | |
Digium Asterisk | =1.8.2 | |
Digium Asterisk | =1.8.2.2 | |
Digium Asterisk | =1.8.0-beta1 | |
Digium Asterisk | =1.8.0-rc4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.