CVE-2007-1561 | Vulnerability Database | Aqua Security

The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP INVITE message with an SDP containing one valid and one invalid IP address.

Affected Software

Name	Vendor	Start Version	End Version
Asterisk	Asterisk	1.2.14 (including)	1.2.14 (including)
Asterisk	Asterisk	1.2.15 (including)	1.2.15 (including)
Asterisk	Asterisk	1.2.16 (including)	1.2.16 (including)
Asterisk	Asterisk	1.4.1 (including)	1.4.1 (including)
Asterisk	Ubuntu	dapper	*
Asterisk	Ubuntu	devel	*
Asterisk	Ubuntu	edgy	*
Asterisk	Ubuntu	feisty	*
Asterisk	Ubuntu	gutsy	*
Asterisk	Ubuntu	upstream	*

References

http://asterisk.org/node/48339
http://marc.info/?l=full-disclosure\u0026m=117432783011737\u0026w=2
http://secunia.com/advisories/24564
http://secunia.com/advisories/24719
http://secunia.com/advisories/25582
http://security.gentoo.org/glsa/glsa-200704-01.xml
http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html
http://www.debian.org/security/2007/dsa-1358
http://www.novell.com/linux/security/advisories/2007_34_asterisk.html
http://www.osvdb.org/34479
http://www.securityfocus.com/archive/1/463434/100/0/threaded
http://www.securityfocus.com/bid/23031
http://www.securitytracker.com/id?1017794
http://www.sineapps.com/news.php?rssid=1707
http://www.vupen.com/english/advisories/2007/1039
https://exchange.xforce.ibmcloud.com/vulnerabilities/33068
http://asterisk.org/node/48339
http://marc.info/?l=full-disclosure\u0026m=117432783011737\u0026w=2
http://secunia.com/advisories/24564
http://secunia.com/advisories/24719
http://secunia.com/advisories/25582
http://security.gentoo.org/glsa/glsa-200704-01.xml
http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html
http://www.debian.org/security/2007/dsa-1358
http://www.novell.com/linux/security/advisories/2007_34_asterisk.html
http://www.osvdb.org/34479
http://www.securityfocus.com/archive/1/463434/100/0/threaded
http://www.securityfocus.com/bid/23031
http://www.securitytracker.com/id?1017794
http://www.sineapps.com/news.php?rssid=1707
http://www.vupen.com/english/advisories/2007/1039
https://exchange.xforce.ibmcloud.com/vulnerabilities/33068

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-1561
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html