CVE Vulnerabilities

CVE-2011-2665

Published: Jul 06, 2011 | Modified: Sep 07, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.4.3 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a SIP packet with a Contact header that lacks a < (less than) character.

Affected Software

Name Vendor Start Version End Version
Asterisk Digium 1.8.3 1.8.3
Asterisk Digium 1.8.3 1.8.3
Asterisk Digium 1.8.2.4 1.8.2.4
Asterisk Digium 1.8.0 1.8.0
Asterisk Digium 1.8.3 1.8.3
Asterisk Digium 1.8.1 1.8.1
Asterisk Digium 1.8.1.2 1.8.1.2
Asterisk Digium 1.8.0 1.8.0
Asterisk Digium 1.8.4 1.8.4
Asterisk Digium 1.8.0 1.8.0
Asterisk Digium 1.8.3.1 1.8.3.1
Asterisk Digium 1.8.0 1.8.0
Asterisk Digium 1.8.0 1.8.0
Asterisk Digium 1.8.4 1.8.4
Asterisk Digium 1.8.3.2 1.8.3.2
Asterisk Digium 1.8.0 1.8.0
Asterisk Digium 1.8.3 1.8.3
Asterisk Digium 1.8.4.2 1.8.4.2
Asterisk Digium 1.8.2.3 1.8.2.3
Asterisk Digium 1.8.3.3 1.8.3.3
Asterisk Digium 1.8.4 1.8.4
Asterisk Digium 1.8.2.1 1.8.2.1
Asterisk Digium 1.8.1 1.8.1
Asterisk Digium 1.8.0 1.8.0
Asterisk Digium 1.8.0 1.8.0
Asterisk Digium 1.8.1.1 1.8.1.1
Asterisk Digium 1.8.2 1.8.2
Asterisk Digium 1.8.2.2 1.8.2.2
Asterisk Digium 1.8.4 1.8.4
Asterisk Digium 1.8.0 1.8.0
Asterisk Digium 1.8.0 1.8.0
Asterisk Digium 1.8.4.1 1.8.4.1

References