First published: Fri Apr 22 2011(Updated: )
Asterisk did not limit the number of unauthenticated connections to vulnerable interfaces and did not limit the time unauthenticated clients remain connected to some interfaces. A remote attacker could open many subsequent connections to vulnerable Asterisk interfaces, leading to file descriptor resource exhaustion or possibly to disk space exhaustion (due Asterisk feature of logging failures to open new file descriptors into its log file). References: [1] <a href="http://downloads.asterisk.org/pub/security/AST-2011-005.html">http://downloads.asterisk.org/pub/security/AST-2011-005.html</a> Upstream patches: [2] <a href="http://downloads.asterisk.org/pub/security/AST-2011-005-1.4.diff">http://downloads.asterisk.org/pub/security/AST-2011-005-1.4.diff</a> (against v1.4 branch) [3] <a href="http://downloads.asterisk.org/pub/security/AST-2011-005-1.6.1.diff">http://downloads.asterisk.org/pub/security/AST-2011-005-1.6.1.diff</a> (against v1.6.1 branch) [4] <a href="http://downloads.asterisk.org/pub/security/AST-2011-005-1.6.2.diff">http://downloads.asterisk.org/pub/security/AST-2011-005-1.6.2.diff</a> (against v1.6.2 branch) [5] <a href="http://downloads.asterisk.org/pub/security/AST-2011-005-1.8.diff">http://downloads.asterisk.org/pub/security/AST-2011-005-1.8.diff</a> (against v1.8 branch)
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Digium Asterisk | =1.4.37-rc1 | |
Digium Asterisk | =1.4.26.3 | |
Digium Asterisk | =1.4.22-rc3 | |
Digium Asterisk | =1.4.27-rc2 | |
Digium Asterisk | =1.4.36-rc1 | |
Digium Asterisk | =1.4.26-rc4 | |
Digium Asterisk | =1.4.28 | |
Digium Asterisk | =1.4.27-rc1 | |
Digium Asterisk | =1.4.27.1 | |
Digium Asterisk | =1.4.26-rc5 | |
Digium Asterisk | =1.4.0-beta4 | |
Digium Asterisk | =1.4.0-beta2 | |
Digium Asterisk | =1.4.35-rc1 | |
Digium Asterisk | =1.4.26.2 | |
Digium Asterisk | =1.4.19.2 | |
Digium Asterisk | =1.4.26.1 | |
Digium Asterisk | =1.4.20-rc1 | |
Digium Asterisk | =1.4.16 | |
Digium Asterisk | =1.4.3 | |
Digium Asterisk | =1.4.27-rc3 | |
Digium Asterisk | =1.4.19.1 | |
Digium Asterisk | =1.4.30 | |
Digium Asterisk | =1.4.38-rc1 | |
Digium Asterisk | =1.4.38 | |
Digium Asterisk | =1.4.33 | |
Digium Asterisk | =1.4.23-rc4 | |
Digium Asterisk | =1.4.22 | |
Digium Asterisk | =1.4.0 | |
Digium Asterisk | =1.4.32 | |
Digium Asterisk | =1.4.31-rc2 | |
Digium Asterisk | =1.4.22.2 | |
Digium Asterisk | =1.4.26-rc3 | |
Digium Asterisk | =1.4.33-rc1 | |
Digium Asterisk | =1.4.20 | |
Digium Asterisk | =1.4.39 | |
Digium Asterisk | =1.4.22.1 | |
Digium Asterisk | =1.4.39.2 | |
Digium Asterisk | =1.4.12.1 | |
Digium Asterisk | =1.4.2 | |
Digium Asterisk | =1.4.19 | |
Digium Asterisk | =1.4.29 | |
Digium Asterisk | =1.4.20-rc3 | |
Digium Asterisk | =1.4.18 | |
Digium Asterisk | =1.4.34 | |
Digium Asterisk | =1.4.21-rc2 | |
Digium Asterisk | =1.4.22-rc1 | |
Digium Asterisk | =1.4.40 | |
Digium Asterisk | =1.4.10 | |
Digium Asterisk | =1.4.35 | |
Digium Asterisk | =1.4.24.1 | |
Digium Asterisk | =1.4.10.1 | |
Digium Asterisk | =1.4.16.1 | |
Digium Asterisk | =1.4.19-rc4 | |
Digium Asterisk | =1.4.31 | |
Digium Asterisk | =1.4.33.1 | |
Digium Asterisk | =1.4.25-rc1 | |
Digium Asterisk | =1.4.25 | |
Digium Asterisk | =1.4.11 | |
Digium Asterisk | =1.4.23 | |
Digium Asterisk | =1.4.39.1 | |
Digium Asterisk | =1.4.26-rc2 | |
Digium Asterisk | =1.4.29-rc1 | |
Digium Asterisk | =1.4.22-rc2 | |
Digium Asterisk | =1.4.15 | |
Digium Asterisk | =1.4.34-rc2 | |
Digium Asterisk | =1.4.31-rc1 | |
Digium Asterisk | =1.4.28-rc1 | |
Digium Asterisk | =1.4.40-rc1 | |
Digium Asterisk | =1.4.19-rc3 | |
Digium Asterisk | =1.4.23-rc1 | |
Digium Asterisk | =1.4.27 | |
Digium Asterisk | =1.4.25.1 | |
Digium Asterisk | =1.4.34-rc1 | |
Digium Asterisk | =1.4.21.1 | |
Digium Asterisk | =1.4.19-rc2 | |
Digium Asterisk | =1.4.12 | |
Digium Asterisk | =1.4.37 | |
Digium Asterisk | =1.4.20-rc2 | |
Digium Asterisk | =1.4.19-rc1 | |
Digium Asterisk | =1.4.13 | |
Digium Asterisk | =1.4.21.2 | |
Digium Asterisk | =1.4.27-rc4 | |
Digium Asterisk | =1.4.33-rc2 | |
Digium Asterisk | =1.4.17 | |
Digium Asterisk | =1.4.40-rc2 | |
Digium Asterisk | =1.4.29.1 | |
Digium Asterisk | =1.4.23-rc2 | |
Digium Asterisk | =1.4.22-rc4 | |
Digium Asterisk | =1.4.22-rc5 | |
Digium Asterisk | =1.4.21-rc1 | |
Digium Asterisk | =1.4.26-rc1 | |
Digium Asterisk | =1.4.26-rc6 | |
Digium Asterisk | =1.4.1 | |
Digium Asterisk | =1.4.32-rc1 | |
Digium Asterisk | =1.4.39-rc1 | |
Digium Asterisk | =1.4.14 | |
Digium Asterisk | =1.4.20.1 | |
Digium Asterisk | =1.4.24 | |
Digium Asterisk | =1.4.0-beta1 | |
Digium Asterisk | =1.4.40-rc3 | |
Digium Asterisk | =1.4.24-rc1 | |
Digium Asterisk | =1.4.26 | |
Digium Asterisk | =1.4.16.2 | |
Digium Asterisk | =1.4.23.2 | |
Digium Asterisk | =1.4.27-rc5 | |
Digium Asterisk | =1.4.30-rc2 | |
Digium Asterisk | =1.4.23.1 | |
Digium Asterisk | =1.4.23-rc3 | |
Digium Asterisk | =1.4.30-rc3 | |
Digium Asterisk | =1.4.36 | |
Digium Asterisk | =1.4.0-beta3 | |
Digium Asterisk | =1.4.21 | |
Digium Asterisk | =1.6.2.16.2 | |
Digium Asterisk | =1.6.2.0-rc3 | |
Digium Asterisk | =1.6.2.0-rc2 | |
Digium Asterisk | =1.6.2.1 | |
Digium Asterisk | =1.6.2.0-rc4 | |
Digium Asterisk | =1.6.2.4 | |
Digium Asterisk | =1.6.2.6 | |
Digium Asterisk | =1.6.2.0-rc5 | |
Digium Asterisk | =1.6.2.0-rc7 | |
Digium Asterisk | =1.6.2.16-rc1 | |
Digium Asterisk | =1.6.2.17-rc1 | |
Digium Asterisk | =1.6.2.1-rc1 | |
Digium Asterisk | =1.6.2.16 | |
Digium Asterisk | =1.6.2.15-rc1 | |
Digium Asterisk | =1.6.2.17 | |
Digium Asterisk | =1.6.2.6-rc1 | |
Digium Asterisk | =1.6.2.17.1 | |
Digium Asterisk | =1.6.2.2 | |
Digium Asterisk | =1.6.2.0-rc8 | |
Digium Asterisk | =1.6.2.3-rc2 | |
Digium Asterisk | =1.6.2.17-rc3 | |
Digium Asterisk | =1.6.2.16.1 | |
Digium Asterisk | =1.6.2.0 | |
Digium Asterisk | =1.6.2.17-rc2 | |
Digium Asterisk | =1.6.2.5 | |
Digium Asterisk | =1.6.2.0-rc6 | |
Digium Asterisk | =1.6.2.6-rc2 | |
Digium Asterisk | =1.6.2.17.2 | |
Digium Asterisk | =1.8.3-rc3 | |
Digium Asterisk | =1.8.3 | |
Digium Asterisk | =1.8.2.4 | |
Digium Asterisk | =1.8.0-beta2 | |
Digium Asterisk | =1.8.3-rc1 | |
Digium Asterisk | =1.8.1 | |
Digium Asterisk | =1.8.1.2 | |
Digium Asterisk | =1.8.0-beta4 | |
Digium Asterisk | =1.8.0-rc5 | |
Digium Asterisk | =1.8.3.1 | |
Digium Asterisk | =1.8.0-beta3 | |
Digium Asterisk | =1.8.0-beta5 | |
Digium Asterisk | =1.8.3.2 | |
Digium Asterisk | =1.8.0-rc2 | |
Digium Asterisk | =1.8.3-rc2 | |
Digium Asterisk | =1.8.2.3 | |
Digium Asterisk | =1.8.2.1 | |
Digium Asterisk | =1.8.1-rc1 | |
Digium Asterisk | =1.8.0 | |
Digium Asterisk | =1.8.0-rc3 | |
Digium Asterisk | =1.8.1.1 | |
Digium Asterisk | =1.8.2 | |
Digium Asterisk | =1.8.2.2 | |
Digium Asterisk | =1.8.0-beta1 | |
Digium Asterisk | =1.8.0-rc4 | |
Digium Asterisk | =c.3.1.0 | |
Digium Asterisk | =c.1.8.1 | |
Digium Asterisk | =c.2.3 | |
Digium Asterisk | =c.3.6.2 | |
Digium Asterisk | =c.3.1.1 | |
Digium Asterisk | =c.3.2.2 | |
Digium Asterisk | =c.1.0-beta7 | |
Digium Asterisk | =c.1.8.0 | |
Digium Asterisk | =c.1.6.2 | |
Digium Asterisk | =c.3.0 | |
Digium Asterisk | =c.3.6.3 | |
Digium Asterisk | =c.3.2.3 | |
Digium Asterisk | =c.1.6.1 | |
Digium Asterisk | =c.1.0-beta8 | |
Digium Asterisk | =c.1.6 | |
Digium Asterisk | =c.3.3.2 | |
Digium Asterisk | =1.6.1.0-rc4 | |
Digium Asterisk | =1.6.1.8 | |
Digium Asterisk | =1.6.1.7-rc1 | |
Digium Asterisk | =1.6.1.5-rc1 | |
Digium Asterisk | =1.6.1.12 | |
Digium Asterisk | =1.6.1.0-rc5 | |
Digium Asterisk | =1.6.1.3-rc1 | |
Digium Asterisk | =1.6.1.15-rc2 | |
Digium Asterisk | =1.6.1.24 | |
Digium Asterisk | =1.6.1.18-rc1 | |
Digium Asterisk | =1.6.1.2 | |
Digium Asterisk | =1.6.1.19-rc2 | |
Digium Asterisk | =1.6.1.6 | |
Digium Asterisk | =1.6.1.5 | |
Digium Asterisk | =1.6.1.20-rc1 | |
Digium Asterisk | =1.6.1.0 | |
Digium Asterisk | =1.6.1.18-rc2 | |
Digium Asterisk | =1.6.1.14 | |
Digium Asterisk | =1.6.1.20-rc2 | |
Digium Asterisk | =1.6.1.10-rc2 | |
Digium Asterisk | =1.6.1.19 | |
Digium Asterisk | =1.6.1.12-rc1 | |
Digium Asterisk | =1.6.1.22 | |
Digium Asterisk | =1.6.1.11 | |
Digium Asterisk | =1.6.1.10-rc3 | |
Digium Asterisk | =1.6.1.20 | |
Digium Asterisk | =1.6.1.9 | |
Digium Asterisk | =1.6.1.19-rc3 | |
Digium Asterisk | =1.6.1.18 | |
Digium Asterisk | =1.6.1.17 | |
Digium Asterisk | =1.6.1.4 | |
Digium Asterisk | =1.6.1.10 | |
Digium Asterisk | =1.6.1.16 | |
Digium Asterisk | =1.6.1.7-rc2 | |
Digium Asterisk | =1.6.1.23 | |
Digium Asterisk | =1.6.1.0-rc2 | |
Digium Asterisk | =1.6.1.21 | |
Digium Asterisk | =1.6.1.0-rc3 | |
Digium Asterisk | =1.6.1.10-rc1 | |
Digium Asterisk | =1.6.1.19-rc1 | |
Digium Asterisk | =1.6.1.13 | |
Digium Asterisk | =1.6.1.13-rc1 | |
Digium Asterisk | =1.6.1.1 | |
Digium Asterisk | =c.3.6.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.