CVE-2007-1306

Published: Mar 7, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote attackers to cause a denial of service (crash) by sending a Session Initiation Protocol (SIP) packet without a URI and SIP-version header, which results in a NULL pointer dereference.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

ADV-2007-0830

vdb-entry

x_refsource_VUPEN

22838

vdb-entry

x_refsource_BID

33888

vdb-entry

x_refsource_OSVDB

24578

third-party-advisory

x_refsource_SECUNIA

http://asterisk.org/node/48319

x_refsource_CONFIRM

SUSE-SA:2007:034

vendor-advisory

x_refsource_SUSE

http://labs.musecurity.com/advisories/MU-200703-01.txt

x_refsource_MISC

http://asterisk.org/node/48320

x_refsource_CONFIRM

24380

third-party-advisory

x_refsource_SECUNIA

asterisk-sip-channeldriver-dos(32830)

vdb-entry

x_refsource_XF

GLSA-200703-14

vendor-advisory

x_refsource_GENTOO

25582

third-party-advisory

x_refsource_SECUNIA

1017723

vdb-entry

x_refsource_SECTRACK

VU#228032

third-party-advisory

x_refsource_CERT-VN

DSA-1358

vendor-advisory

x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-1306

Description

Affected Products

References