CVE Vulnerabilities

CVE-2011-1175

Published: Mar 31, 2011 | Modified: Aug 17, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by establishing many short TCP sessions to services that use a certain TLS API.

Affected Software

Name Vendor Start Version End Version
Asterisk Digium 1.6.1 (including) 1.6.1 (including)
Asterisk Digium 1.6.1-beta1 (including) 1.6.1-beta1 (including)
Asterisk Digium 1.6.1-beta2 (including) 1.6.1-beta2 (including)
Asterisk Digium 1.6.1-beta3 (including) 1.6.1-beta3 (including)
Asterisk Digium 1.6.1-beta4 (including) 1.6.1-beta4 (including)
Asterisk Digium 1.6.1-rc1 (including) 1.6.1-rc1 (including)
Asterisk Digium 1.6.1.0 (including) 1.6.1.0 (including)
Asterisk Digium 1.6.1.0-rc2 (including) 1.6.1.0-rc2 (including)
Asterisk Digium 1.6.1.0-rc3 (including) 1.6.1.0-rc3 (including)
Asterisk Digium 1.6.1.0-rc4 (including) 1.6.1.0-rc4 (including)
Asterisk Digium 1.6.1.0-rc5 (including) 1.6.1.0-rc5 (including)
Asterisk Digium 1.6.1.1 (including) 1.6.1.1 (including)
Asterisk Digium 1.6.1.2 (including) 1.6.1.2 (including)
Asterisk Digium 1.6.1.3-rc1 (including) 1.6.1.3-rc1 (including)
Asterisk Digium 1.6.1.4 (including) 1.6.1.4 (including)
Asterisk Digium 1.6.1.5 (including) 1.6.1.5 (including)
Asterisk Digium 1.6.1.5-rc1 (including) 1.6.1.5-rc1 (including)
Asterisk Digium 1.6.1.6 (including) 1.6.1.6 (including)
Asterisk Digium 1.6.1.7-rc1 (including) 1.6.1.7-rc1 (including)
Asterisk Digium 1.6.1.7-rc2 (including) 1.6.1.7-rc2 (including)
Asterisk Digium 1.6.1.8 (including) 1.6.1.8 (including)
Asterisk Digium 1.6.1.9 (including) 1.6.1.9 (including)
Asterisk Digium 1.6.1.10 (including) 1.6.1.10 (including)
Asterisk Digium 1.6.1.10-rc1 (including) 1.6.1.10-rc1 (including)
Asterisk Digium 1.6.1.10-rc2 (including) 1.6.1.10-rc2 (including)
Asterisk Digium 1.6.1.10-rc3 (including) 1.6.1.10-rc3 (including)
Asterisk Digium 1.6.1.11 (including) 1.6.1.11 (including)
Asterisk Digium 1.6.1.12 (including) 1.6.1.12 (including)
Asterisk Digium 1.6.1.12-rc1 (including) 1.6.1.12-rc1 (including)
Asterisk Digium 1.6.1.13 (including) 1.6.1.13 (including)
Asterisk Digium 1.6.1.13-rc1 (including) 1.6.1.13-rc1 (including)
Asterisk Digium 1.6.1.14 (including) 1.6.1.14 (including)
Asterisk Digium 1.6.1.15-rc2 (including) 1.6.1.15-rc2 (including)
Asterisk Digium 1.6.1.16 (including) 1.6.1.16 (including)
Asterisk Digium 1.6.1.17 (including) 1.6.1.17 (including)
Asterisk Digium 1.6.1.18 (including) 1.6.1.18 (including)
Asterisk Digium 1.6.1.18-rc1 (including) 1.6.1.18-rc1 (including)
Asterisk Digium 1.6.1.18-rc2 (including) 1.6.1.18-rc2 (including)
Asterisk Digium 1.6.1.19 (including) 1.6.1.19 (including)
Asterisk Digium 1.6.1.19-rc1 (including) 1.6.1.19-rc1 (including)
Asterisk Digium 1.6.1.19-rc2 (including) 1.6.1.19-rc2 (including)
Asterisk Digium 1.6.1.19-rc3 (including) 1.6.1.19-rc3 (including)
Asterisk Digium 1.6.1.20 (including) 1.6.1.20 (including)
Asterisk Digium 1.6.1.20-rc1 (including) 1.6.1.20-rc1 (including)
Asterisk Digium 1.6.1.20-rc2 (including) 1.6.1.20-rc2 (including)
Asterisk Digium 1.6.1.21 (including) 1.6.1.21 (including)
Asterisk Digium 1.6.1.22 (including) 1.6.1.22 (including)
Asterisk Ubuntu dapper *
Asterisk Ubuntu hardy *
Asterisk Ubuntu karmic *
Asterisk Ubuntu lucid *
Asterisk Ubuntu maverick *
Asterisk Ubuntu natty *
Asterisk Ubuntu upstream *

References