7.5
CWE
399
Advisory Published
CVE Published
Updated

CVE-2016-7551

First published: Fri Sep 09 2016(Updated: )

chain_sip in Asterisk Open Source 11.x before 11.23.1 and 13.x 13.11.1 and Certified Asterisk 11.6 before 11.6-cert15 and 13.8 before 13.8-cert3 allows remote attackers to cause a denial of service (port exhaustion).

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
redhat/asterisk<11.23.1
11.23.1
redhat/asterisk<13.11.1
13.11.1
debian/asterisk<=1:11.13.1~dfsg-2<=1:11.13.0~dfsg-1<=1:13.7.2~dfsg-1
1:13.11.2~dfsg-1
1:11.13.1~dfsg-2+deb8u1
debian/asterisk
1:16.28.0~dfsg-0+deb11u4
1:20.8.1~dfsg+~cs6.14.40431414-1
Asterisk=11.0.0
Asterisk=11.0.0-beta1
Asterisk=11.0.0-beta2
Asterisk=11.0.0-rc1
Asterisk=11.0.0-rc2
Asterisk=11.0.1
Asterisk=11.0.2
Asterisk=11.1.0
Asterisk=11.1.0-rc1
Asterisk=11.1.0-rc3
Asterisk=11.1.1
Asterisk=11.1.2
Asterisk=11.2.0
Asterisk=11.2.0-rc1
Asterisk=11.2.0-rc2
Asterisk=11.2.1
Asterisk=11.2.2
Asterisk=11.3.0
Asterisk=11.4.0
Asterisk=11.5.0
Asterisk=11.5.1
Asterisk=11.6.0
Asterisk=11.6.1
Asterisk=11.7.0
Asterisk=11.8.0
Asterisk=11.8.1
Asterisk=11.9.0
Asterisk=11.10.0
Asterisk=11.10.1
Asterisk=11.10.2
Asterisk=11.11.0
Asterisk=11.12.0
Asterisk=11.12.1
Asterisk=11.13.0
Asterisk=11.13.1
Asterisk=11.14.0
Asterisk=11.14.1
Asterisk=11.14.2
Asterisk=11.15.0
Asterisk=11.15.1
Asterisk=11.16.0
Asterisk=11.17.0
Asterisk=11.17.1
Asterisk=11.18.0
Asterisk=11.19.0
Asterisk=11.20.0
Asterisk=11.21.0
Asterisk=11.21.1
Asterisk=11.21.2
Asterisk=11.22.0
Asterisk=11.22.0-rc1
Asterisk=11.23.0
Asterisk=11.23.0-rc1
Asterisk=13.0.0
Asterisk=13.0.0-beta1
Asterisk=13.0.0-beta2
Asterisk=13.0.0-beta3
Asterisk=13.0.1
Asterisk=13.0.2
Asterisk=13.1.0
Asterisk=13.1.1
Asterisk=13.2.0
Asterisk=13.2.1
Asterisk=13.3.0
Asterisk=13.3.1
Asterisk=13.3.2
Asterisk=13.4.0
Asterisk=13.5.0
Asterisk=13.6.0
Asterisk=13.7.0
Asterisk=13.7.1
Asterisk=13.7.2
Asterisk=13.8.0
Asterisk=13.8.0-rc1
Asterisk=13.8.1
Asterisk=13.8.2
Asterisk=13.9.0
Asterisk=13.9.1
Asterisk=13.10.0
Asterisk=13.10.0-rc1
Asterisk=13.11.0
Asterisk=11.6-cert1
Asterisk=11.6-cert1
Asterisk=11.6-cert1_rc1
Asterisk=11.6-cert1_rc2
Asterisk=11.6-cert10
Asterisk=11.6-cert11
Asterisk=11.6-cert12
Asterisk=11.6-cert13
Asterisk=11.6-cert14
Asterisk=11.6-cert15
Asterisk=11.6-cert2
Asterisk=11.6-cert2
Asterisk=11.6-cert3
Asterisk=11.6-cert3
Asterisk=11.6-cert4
Asterisk=11.6-cert5
Asterisk=11.6-cert6
Asterisk=11.6-cert7
Asterisk=11.6-cert8
Asterisk=11.6-cert9
Asterisk=11.6.0
Asterisk=11.6.0
Asterisk=11.6.0-rc1
Asterisk=11.6.0-rc2
Asterisk=13.8-cert1
Asterisk=13.8-cert1_rc1
Asterisk=13.8-cert1_rc2
Asterisk=13.8-cert1_rc3
Asterisk=13.8-cert2_rc1
Asterisk=13.8.0
Asterisk=13.8.0-rc1
Debian GNU/Linux=8.0

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2016-7551?

    CVE-2016-7551 has a severity rating that indicates it can lead to a denial of service through port exhaustion.

  • How do I fix CVE-2016-7551?

    To fix CVE-2016-7551, upgrade to Asterisk version 11.23.1 or 13.11.1 or later.

  • What systems are affected by CVE-2016-7551?

    CVE-2016-7551 affects Asterisk versions prior to 11.23.1 and 13.11.1.

  • Is there a risk of exploitation with CVE-2016-7551?

    Yes, CVE-2016-7551 allows remote attackers to exploit the vulnerability for a denial of service.

  • What kind of attacks can be executed using CVE-2016-7551?

    Attackers can cause a denial of service by exhausting available ports, which impacts system availability.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203