Lucene search
MitreCVE-2011-4063HistoryOct 21, 2011 - 10:55 a.m.
CVE-2011-4063
2011-10-2110:55:03
CWE-20
mitre
web.nvd.nist.gov
47
cve-2011-4063
asterisk
sip
channel driver
denial of service
remote attack
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
AI Score
6
Confidence
Low
EPSS
0.964
Percentile
99.6%
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request.
Affected configurations
Node
asteriskopen_sourceMatch1.8.7
ORasteriskopen_sourceMatch10.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| asterisk | open_source | 1.8.7 | cpe:2.3:a:asterisk:open_source:1.8.7:*:*:*:*:*:*:* |
| asterisk | open_source | 10.0.0 | cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:* |
Related
openvas
openvas
FreeBSD Ports: asterisk18
2012-02-13 00:00:00
Fedora Update for asterisk FEDORA-2011-14480
2012-04-02 00:00:00
FreeBSD Ports: asterisk18
2012-02-13 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: asterisk-1.8.7.1-1.fc16
2011-11-10 17:47:36
[SECURITY] Fedora 15 Update: asterisk-1.8.7.1-1.fc15
2011-11-10 17:43:25
securityvulns
securityvulns
AST-2011-012: Remote crash vulnerability in SIP channel driver
2011-10-24 00:00:00
Asterisk uninitilized memory reference
2011-10-24 00:00:00
cvelist
cvelist
CVE-2011-4063
2011-10-21 10:00:00
nessus
nessus
Fedora 16 : asterisk-1.8.7.1-1.fc16 (2011-14480)
2011-11-14 00:00:00
Fedora 15 : asterisk-1.8.7.1-1.fc15 (2011-14538)
2011-11-14 00:00:00
checkpoint_advisories
checkpoint_advisories
debiancve
debiancve
CVE-2011-4063
2011-10-21 10:55:03
nvd
nvd
CVE-2011-4063
2011-10-21 10:55:03
freebsd
freebsd
asterisk -- remote crash vulnerability in SIP channel driver
2011-10-17 00:00:00
ubuntucve
ubuntucve
CVE-2011-4063
2011-10-21 00:00:00
prion
prion
Design/Logic Flaw
2011-10-21 10:55:00
gentoo
gentoo
Asterisk: Multiple vulnerabilities
2011-10-24 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
AI Score
6
Confidence
Low
EPSS
0.964
Percentile
99.6%
Related for CVE-2011-4063