Skip to main content

Asterisk SIP Channel Driver Vulnerability

Last Update Date: 18 Oct 2011 17:28 Release Date: 18 Oct 2011 5671 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in Asterisk, which can be exploited to cause denial of service. 

 

A remote authenticated user can cause a crash with a malformed request due to an unitialized variable.
 


Impact

  • Denial of Service

System / Technologies affected

  • Asterisk Open Source 1.8.x
  • Asterisk Open Source 10.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply the patch

For 1.8.x
http://downloads.asterisk.org/pub/security/AST-2011-012-1.8.diff
For 10.x
http://downloads.asterisk.org/pub/security/AST-2011-012-10.diff
 


Vulnerability Identifier


Source


Related Link