Asterisk Two Denial of Service Vulnerabilities
Last Update Date:
10 Jan 2013
Release Date:
4 Jan 2013
5584
Views
RISK: High Risk
TYPE: Servers - Other Servers
Two vulnerabilities have been identified in Asterisk, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service).
- An error when handling TCP sessions can be exploited to cause a stack overflow and crash the service.
- An error when handling device state caches can be exploited to consume excessive system resource.
Impact
- Denial of Service
System / Technologies affected
- Asterisk 1.x
- Asterisk 10.x
- Asterisk 11.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 1.8.19.1, 10.11.1, or 11.1.1.
Vulnerability Identifier
Source
Related Link
Share with