First published: Mon Jun 06 2011(Updated: )
reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.4.2 does not initialize certain strings, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed Contact header.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Digium Asterisk | =1.8.3-rc3 | |
Digium Asterisk | =1.8.3 | |
Digium Asterisk | =1.8.2.4 | |
Digium Asterisk | =1.8.0-beta2 | |
Digium Asterisk | =1.8.3-rc1 | |
Digium Asterisk | =1.8.1 | |
Digium Asterisk | =1.8.1.2 | |
Digium Asterisk | =1.8.0-beta4 | |
Digium Asterisk | =1.8.4-rc1 | |
Digium Asterisk | =1.8.0-rc5 | |
Digium Asterisk | =1.8.3.1 | |
Digium Asterisk | =1.8.0-beta3 | |
Digium Asterisk | =1.8.0-beta5 | |
Digium Asterisk | =1.8.4 | |
Digium Asterisk | =1.8.3.2 | |
Digium Asterisk | =1.8.0-rc2 | |
Digium Asterisk | =1.8.3-rc2 | |
Digium Asterisk | =1.8.2.3 | |
Digium Asterisk | =1.8.3.3 | |
Digium Asterisk | =1.8.4-rc2 | |
Digium Asterisk | =1.8.2.1 | |
Digium Asterisk | =1.8.1-rc1 | |
Digium Asterisk | =1.8.0 | |
Digium Asterisk | =1.8.0-rc3 | |
Digium Asterisk | =1.8.1.1 | |
Digium Asterisk | =1.8.2 | |
Digium Asterisk | =1.8.2.2 | |
Digium Asterisk | =1.8.4-rc3 | |
Digium Asterisk | =1.8.0-beta1 | |
Digium Asterisk | =1.8.0-rc4 | |
Digium Asterisk | =1.8.4.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.