What is the severity of CVE-2011-2529?

CVE-2011-2529 has been classified as a denial of service vulnerability with potential memory corruption risks.

How do I fix CVE-2011-2529?

To fix CVE-2011-2529, upgrade to Asterisk version 1.6.2.18.1, 1.8.4.3, or later.

What types of systems are affected by CVE-2011-2529?

CVE-2011-2529 affects various versions of Asterisk Open Source, specifically those prior to 1.6.2.18.1 and 1.8.4.3.

Can CVE-2011-2529 lead to other impacts besides denial of service?

Yes, CVE-2011-2529 may allow remote attackers to cause unspecified impacts beyond denial of service, typically relating to memory corruption.

Is there a patch available for CVE-2011-2529?

Yes, patches addressing CVE-2011-2529 have been published and are available in updated versions of Asterisk.

Vulnerability/
CVE-2011-2529

medium

CWE

119

6/7/2011

6/8/2024

CVE-2011-2529: Buffer Overflow

First published: Wed Jul 06 2011(Updated: )

chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x before 1.6.2.18.1 and 1.8.x before 1.8.4.3 does not properly handle '\0' characters in SIP packets, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted packet.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Asterisk	=1.6.0
Asterisk	=1.6.0-beta1
Asterisk	=1.6.0-beta2
Asterisk	=1.6.0-beta3
Asterisk	=1.6.0-beta4
Asterisk	=1.6.0-beta5
Asterisk	=1.6.0-beta6
Asterisk	=1.6.0-beta7
Asterisk	=1.6.0-beta7.1
Asterisk	=1.6.0-beta8
Asterisk	=1.6.0-beta9
Asterisk	=1.6.0-rc4
Asterisk	=1.6.0-rc5
Asterisk	=1.6.0-rc6
Asterisk	=1.6.0.1
Asterisk	=1.6.0.2
Asterisk	=1.6.0.3
Asterisk	=1.6.0.3-rc1
Asterisk	=1.6.0.4-rc1
Asterisk	=1.6.0.5
Asterisk	=1.6.0.6
Asterisk	=1.6.0.7
Asterisk	=1.6.0.8
Asterisk	=1.6.0.9
Asterisk	=1.6.0.10
Asterisk	=1.6.0.11
Asterisk	=1.6.0.11-rc1
Asterisk	=1.6.0.11-rc2
Asterisk	=1.6.0.12
Asterisk	=1.6.0.13
Asterisk	=1.6.0.14
Asterisk	=1.6.0.14-rc1
Asterisk	=1.6.0.15
Asterisk	=1.6.0.16
Asterisk	=1.6.0.16-rc1
Asterisk	=1.6.0.16-rc2
Asterisk	=1.6.0.17
Asterisk	=1.6.0.18
Asterisk	=1.6.0.18-rc1
Asterisk	=1.6.0.18-rc2
Asterisk	=1.6.0.18-rc3
Asterisk	=1.6.0.19
Asterisk	=1.6.0.20-rc1
Asterisk	=1.6.0.21
Asterisk	=1.6.0.21-rc1
Asterisk	=1.6.0.22
Asterisk	=1.6.0.23-rc2
Asterisk	=1.6.0.24
Asterisk	=1.6.0.25
Asterisk	=1.6.0.26
Asterisk	=1.6.1
Asterisk	=1.6.1-beta1
Asterisk	=1.6.1-beta2
Asterisk	=1.6.1-beta3
Asterisk	=1.6.1-beta4
Asterisk	=1.6.1-rc1
Asterisk	=1.6.1.0
Asterisk	=1.6.1.0-rc2
Asterisk	=1.6.1.0-rc3
Asterisk	=1.6.1.0-rc4
Asterisk	=1.6.1.0-rc5
Asterisk	=1.6.1.1
Asterisk	=1.6.1.2
Asterisk	=1.6.1.3-rc1
Asterisk	=1.6.1.4
Asterisk	=1.6.1.5
Asterisk	=1.6.1.5-rc1
Asterisk	=1.6.1.6
Asterisk	=1.6.1.7-rc1
Asterisk	=1.6.1.7-rc2
Asterisk	=1.6.1.8
Asterisk	=1.6.1.9
Asterisk	=1.6.1.10
Asterisk	=1.6.1.10-rc1
Asterisk	=1.6.1.10-rc2
Asterisk	=1.6.1.10-rc3
Asterisk	=1.6.1.11
Asterisk	=1.6.1.12
Asterisk	=1.6.1.12-rc1
Asterisk	=1.6.1.13
Asterisk	=1.6.1.13-rc1
Asterisk	=1.6.1.14
Asterisk	=1.6.1.15-rc2
Asterisk	=1.6.1.16
Asterisk	=1.6.1.17
Asterisk	=1.6.1.18
Asterisk	=1.6.1.18-rc1
Asterisk	=1.6.1.18-rc2
Asterisk	=1.6.1.19
Asterisk	=1.6.1.19-rc1
Asterisk	=1.6.1.19-rc2
Asterisk	=1.6.1.19-rc3
Asterisk	=1.6.1.20
Asterisk	=1.6.1.20-rc1
Asterisk	=1.6.1.20-rc2
Asterisk	=1.6.1.21
Asterisk	=1.6.1.22
Asterisk	=1.6.1.23
Asterisk	=1.6.1.24
Asterisk	=1.6.2.0
Asterisk	=1.6.2.0-rc2
Asterisk	=1.6.2.0-rc3
Asterisk	=1.6.2.0-rc4
Asterisk	=1.6.2.0-rc5
Asterisk	=1.6.2.0-rc6
Asterisk	=1.6.2.0-rc7
Asterisk	=1.6.2.0-rc8
Asterisk	=1.6.2.1
Asterisk	=1.6.2.1-rc1
Asterisk	=1.6.2.2
Asterisk	=1.6.2.3-rc2
Asterisk	=1.6.2.4
Asterisk	=1.6.2.5
Asterisk	=1.6.2.6
Asterisk	=1.6.2.6-rc1
Asterisk	=1.6.2.6-rc2
Asterisk	=1.6.2.15-rc1
Asterisk	=1.6.2.16
Asterisk	=1.6.2.16-rc1
Asterisk	=1.6.2.16.1
Asterisk	=1.6.2.16.2
Asterisk	=1.6.2.17
Asterisk	=1.6.2.17-rc1
Asterisk	=1.6.2.17-rc2
Asterisk	=1.6.2.17-rc3
Asterisk	=1.6.2.17.1
Asterisk	=1.6.2.17.2
Asterisk	=1.6.2.17.3
Asterisk	=1.6.2.18
Asterisk	=1.6.2.18-rc1
Asterisk	=1.8.0
Asterisk	=1.8.0-beta1
Asterisk	=1.8.0-beta2
Asterisk	=1.8.0-beta3
Asterisk	=1.8.0-beta4
Asterisk	=1.8.0-beta5
Asterisk	=1.8.0-rc2
Asterisk	=1.8.0-rc3
Asterisk	=1.8.0-rc4
Asterisk	=1.8.0-rc5
Asterisk	=1.8.1
Asterisk	=1.8.1-rc1
Asterisk	=1.8.1.1
Asterisk	=1.8.1.2
Asterisk	=1.8.2
Asterisk	=1.8.2.1
Asterisk	=1.8.2.2
Asterisk	=1.8.2.3
Asterisk	=1.8.2.4
Asterisk	=1.8.3
Asterisk	=1.8.3-rc1
Asterisk	=1.8.3-rc2
Asterisk	=1.8.3-rc3
Asterisk	=1.8.3.1
Asterisk	=1.8.3.2
Asterisk	=1.8.3.3
Asterisk	=1.8.4
Asterisk	=1.8.4-rc1
Asterisk	=1.8.4-rc2
Asterisk	=1.8.4-rc3
Asterisk	=1.8.4.1
Asterisk	=1.8.4.2

Remedy

http://downloads.asterisk.org/pub/security/AST-2011-008.diff

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-2529?
CVE-2011-2529 has been classified as a denial of service vulnerability with potential memory corruption risks.
How do I fix CVE-2011-2529?
To fix CVE-2011-2529, upgrade to Asterisk version 1.6.2.18.1, 1.8.4.3, or later.
What types of systems are affected by CVE-2011-2529?
CVE-2011-2529 affects various versions of Asterisk Open Source, specifically those prior to 1.6.2.18.1 and 1.8.4.3.
Can CVE-2011-2529 lead to other impacts besides denial of service?
Yes, CVE-2011-2529 may allow remote attackers to cause unspecified impacts beyond denial of service, typically relating to memory corruption.
Is there a patch available for CVE-2011-2529?
Yes, patches addressing CVE-2011-2529 have been published and are available in updated versions of Asterisk.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/author
agent/remedy
agent/last-modified-date
agent/references
agent/description
agent/first-publish-date
agent/event
agent/source
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
agent/softwarecombine
agent/tags
vendor/digium
canonical/asterisk
version/asterisk/1.6.0
version/asterisk/1.6.0-beta1
version/asterisk/1.6.0-beta2
version/asterisk/1.6.0-beta3
version/asterisk/1.6.0-beta4
version/asterisk/1.6.0-beta5
version/asterisk/1.6.0-beta6
version/asterisk/1.6.0-beta7
version/asterisk/1.6.0-beta7.1
version/asterisk/1.6.0-beta8
version/asterisk/1.6.0-beta9
version/asterisk/1.6.0-rc4
version/asterisk/1.6.0-rc5
version/asterisk/1.6.0-rc6
version/asterisk/1.6.0.1
version/asterisk/1.6.0.2
version/asterisk/1.6.0.3
version/asterisk/1.6.0.3-rc1
version/asterisk/1.6.0.4-rc1
version/asterisk/1.6.0.5
version/asterisk/1.6.0.6
version/asterisk/1.6.0.7
version/asterisk/1.6.0.8
version/asterisk/1.6.0.9
version/asterisk/1.6.0.10
version/asterisk/1.6.0.11
version/asterisk/1.6.0.11-rc1
version/asterisk/1.6.0.11-rc2
version/asterisk/1.6.0.12
version/asterisk/1.6.0.13
version/asterisk/1.6.0.14
version/asterisk/1.6.0.14-rc1
version/asterisk/1.6.0.15
version/asterisk/1.6.0.16
version/asterisk/1.6.0.16-rc1
version/asterisk/1.6.0.16-rc2
version/asterisk/1.6.0.17
version/asterisk/1.6.0.18
version/asterisk/1.6.0.18-rc1
version/asterisk/1.6.0.18-rc2
version/asterisk/1.6.0.18-rc3
version/asterisk/1.6.0.19
version/asterisk/1.6.0.20-rc1
version/asterisk/1.6.0.21
version/asterisk/1.6.0.21-rc1
version/asterisk/1.6.0.22
version/asterisk/1.6.0.23-rc2
version/asterisk/1.6.0.24
version/asterisk/1.6.0.25
version/asterisk/1.6.0.26
version/asterisk/1.6.1
version/asterisk/1.6.1-beta1
version/asterisk/1.6.1-beta2
version/asterisk/1.6.1-beta3
version/asterisk/1.6.1-beta4
version/asterisk/1.6.1-rc1
version/asterisk/1.6.1.0
version/asterisk/1.6.1.0-rc2
version/asterisk/1.6.1.0-rc3
version/asterisk/1.6.1.0-rc4
version/asterisk/1.6.1.0-rc5
version/asterisk/1.6.1.1
version/asterisk/1.6.1.2
version/asterisk/1.6.1.3-rc1
version/asterisk/1.6.1.4
version/asterisk/1.6.1.5
version/asterisk/1.6.1.5-rc1
version/asterisk/1.6.1.6
version/asterisk/1.6.1.7-rc1
version/asterisk/1.6.1.7-rc2
version/asterisk/1.6.1.8
version/asterisk/1.6.1.9
version/asterisk/1.6.1.10
version/asterisk/1.6.1.10-rc1
version/asterisk/1.6.1.10-rc2
version/asterisk/1.6.1.10-rc3
version/asterisk/1.6.1.11
version/asterisk/1.6.1.12
version/asterisk/1.6.1.12-rc1
version/asterisk/1.6.1.13
version/asterisk/1.6.1.13-rc1
version/asterisk/1.6.1.14
version/asterisk/1.6.1.15-rc2
version/asterisk/1.6.1.16
version/asterisk/1.6.1.17
version/asterisk/1.6.1.18
version/asterisk/1.6.1.18-rc1
version/asterisk/1.6.1.18-rc2
version/asterisk/1.6.1.19
version/asterisk/1.6.1.19-rc1
version/asterisk/1.6.1.19-rc2
version/asterisk/1.6.1.19-rc3
version/asterisk/1.6.1.20
version/asterisk/1.6.1.20-rc1
version/asterisk/1.6.1.20-rc2
version/asterisk/1.6.1.21
version/asterisk/1.6.1.22
version/asterisk/1.6.1.23
version/asterisk/1.6.1.24
version/asterisk/1.6.2.0
version/asterisk/1.6.2.0-rc2
version/asterisk/1.6.2.0-rc3
version/asterisk/1.6.2.0-rc4
version/asterisk/1.6.2.0-rc5
version/asterisk/1.6.2.0-rc6
version/asterisk/1.6.2.0-rc7
version/asterisk/1.6.2.0-rc8
version/asterisk/1.6.2.1
version/asterisk/1.6.2.1-rc1
version/asterisk/1.6.2.2
version/asterisk/1.6.2.3-rc2
version/asterisk/1.6.2.4
version/asterisk/1.6.2.5
version/asterisk/1.6.2.6
version/asterisk/1.6.2.6-rc1
version/asterisk/1.6.2.6-rc2
version/asterisk/1.6.2.15-rc1
version/asterisk/1.6.2.16
version/asterisk/1.6.2.16-rc1
version/asterisk/1.6.2.16.1
version/asterisk/1.6.2.16.2
version/asterisk/1.6.2.17
version/asterisk/1.6.2.17-rc1
version/asterisk/1.6.2.17-rc2
version/asterisk/1.6.2.17-rc3
version/asterisk/1.6.2.17.1
version/asterisk/1.6.2.17.2
version/asterisk/1.6.2.17.3
version/asterisk/1.6.2.18
version/asterisk/1.6.2.18-rc1
version/asterisk/1.8.0
version/asterisk/1.8.0-beta1
version/asterisk/1.8.0-beta2
version/asterisk/1.8.0-beta3
version/asterisk/1.8.0-beta4
version/asterisk/1.8.0-beta5
version/asterisk/1.8.0-rc2
version/asterisk/1.8.0-rc3
version/asterisk/1.8.0-rc4
version/asterisk/1.8.0-rc5
version/asterisk/1.8.1
version/asterisk/1.8.1-rc1
version/asterisk/1.8.1.1
version/asterisk/1.8.1.2
version/asterisk/1.8.2
version/asterisk/1.8.2.1
version/asterisk/1.8.2.2
version/asterisk/1.8.2.3
version/asterisk/1.8.2.4
version/asterisk/1.8.3
version/asterisk/1.8.3-rc1
version/asterisk/1.8.3-rc2
version/asterisk/1.8.3-rc3
version/asterisk/1.8.3.1
version/asterisk/1.8.3.2
version/asterisk/1.8.3.3
version/asterisk/1.8.4
version/asterisk/1.8.4-rc1
version/asterisk/1.8.4-rc2
version/asterisk/1.8.4-rc3
version/asterisk/1.8.4.1
version/asterisk/1.8.4.2

CVE-2011-2529: Buffer Overflow

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-2529?

How do I fix CVE-2011-2529?

What types of systems are affected by CVE-2011-2529?

Can CVE-2011-2529 lead to other impacts besides denial of service?

Is there a patch available for CVE-2011-2529?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2011-2529?

How do I fix CVE-2011-2529?

What types of systems are affected by CVE-2011-2529?

Can CVE-2011-2529 lead to other impacts besides denial of service?

Is there a patch available for CVE-2011-2529?