tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by establishing many short TCP sessions to services that use a certain TLS API.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Asterisk | Digium | 1.6.1 (including) | 1.6.1 (including) |
| Asterisk | Digium | 1.6.1-beta1 (including) | 1.6.1-beta1 (including) |
| Asterisk | Digium | 1.6.1-beta2 (including) | 1.6.1-beta2 (including) |
| Asterisk | Digium | 1.6.1-beta3 (including) | 1.6.1-beta3 (including) |
| Asterisk | Digium | 1.6.1-beta4 (including) | 1.6.1-beta4 (including) |
| Asterisk | Digium | 1.6.1-rc1 (including) | 1.6.1-rc1 (including) |
| Asterisk | Digium | 1.6.1.0 (including) | 1.6.1.0 (including) |
| Asterisk | Digium | 1.6.1.0-rc2 (including) | 1.6.1.0-rc2 (including) |
| Asterisk | Digium | 1.6.1.0-rc3 (including) | 1.6.1.0-rc3 (including) |
| Asterisk | Digium | 1.6.1.0-rc4 (including) | 1.6.1.0-rc4 (including) |
| Asterisk | Digium | 1.6.1.0-rc5 (including) | 1.6.1.0-rc5 (including) |
| Asterisk | Digium | 1.6.1.1 (including) | 1.6.1.1 (including) |
| Asterisk | Digium | 1.6.1.2 (including) | 1.6.1.2 (including) |
| Asterisk | Digium | 1.6.1.3-rc1 (including) | 1.6.1.3-rc1 (including) |
| Asterisk | Digium | 1.6.1.4 (including) | 1.6.1.4 (including) |
| Asterisk | Digium | 1.6.1.5 (including) | 1.6.1.5 (including) |
| Asterisk | Digium | 1.6.1.5-rc1 (including) | 1.6.1.5-rc1 (including) |
| Asterisk | Digium | 1.6.1.6 (including) | 1.6.1.6 (including) |
| Asterisk | Digium | 1.6.1.7-rc1 (including) | 1.6.1.7-rc1 (including) |
| Asterisk | Digium | 1.6.1.7-rc2 (including) | 1.6.1.7-rc2 (including) |
| Asterisk | Digium | 1.6.1.8 (including) | 1.6.1.8 (including) |
| Asterisk | Digium | 1.6.1.9 (including) | 1.6.1.9 (including) |
| Asterisk | Digium | 1.6.1.10 (including) | 1.6.1.10 (including) |
| Asterisk | Digium | 1.6.1.10-rc1 (including) | 1.6.1.10-rc1 (including) |
| Asterisk | Digium | 1.6.1.10-rc2 (including) | 1.6.1.10-rc2 (including) |
| Asterisk | Digium | 1.6.1.10-rc3 (including) | 1.6.1.10-rc3 (including) |
| Asterisk | Digium | 1.6.1.11 (including) | 1.6.1.11 (including) |
| Asterisk | Digium | 1.6.1.12 (including) | 1.6.1.12 (including) |
| Asterisk | Digium | 1.6.1.12-rc1 (including) | 1.6.1.12-rc1 (including) |
| Asterisk | Digium | 1.6.1.13 (including) | 1.6.1.13 (including) |
| Asterisk | Digium | 1.6.1.13-rc1 (including) | 1.6.1.13-rc1 (including) |
| Asterisk | Digium | 1.6.1.14 (including) | 1.6.1.14 (including) |
| Asterisk | Digium | 1.6.1.15-rc2 (including) | 1.6.1.15-rc2 (including) |
| Asterisk | Digium | 1.6.1.16 (including) | 1.6.1.16 (including) |
| Asterisk | Digium | 1.6.1.17 (including) | 1.6.1.17 (including) |
| Asterisk | Digium | 1.6.1.18 (including) | 1.6.1.18 (including) |
| Asterisk | Digium | 1.6.1.18-rc1 (including) | 1.6.1.18-rc1 (including) |
| Asterisk | Digium | 1.6.1.18-rc2 (including) | 1.6.1.18-rc2 (including) |
| Asterisk | Digium | 1.6.1.19 (including) | 1.6.1.19 (including) |
| Asterisk | Digium | 1.6.1.19-rc1 (including) | 1.6.1.19-rc1 (including) |
| Asterisk | Digium | 1.6.1.19-rc2 (including) | 1.6.1.19-rc2 (including) |
| Asterisk | Digium | 1.6.1.19-rc3 (including) | 1.6.1.19-rc3 (including) |
| Asterisk | Digium | 1.6.1.20 (including) | 1.6.1.20 (including) |
| Asterisk | Digium | 1.6.1.20-rc1 (including) | 1.6.1.20-rc1 (including) |
| Asterisk | Digium | 1.6.1.20-rc2 (including) | 1.6.1.20-rc2 (including) |
| Asterisk | Digium | 1.6.1.21 (including) | 1.6.1.21 (including) |
| Asterisk | Digium | 1.6.1.22 (including) | 1.6.1.22 (including) |
| Asterisk | Ubuntu | dapper | * |
| Asterisk | Ubuntu | hardy | * |
| Asterisk | Ubuntu | karmic | * |
| Asterisk | Ubuntu | lucid | * |
| Asterisk | Ubuntu | maverick | * |
| Asterisk | Ubuntu | natty | * |
| Asterisk | Ubuntu | upstream | * |