Back to search
CVE-2007-4455
Published: Aug 22, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before 1.4.11, AsteriskNOW before beta7, Asterisk Appliance Developer Kit 0.x before 0.8.0, and s800i (Asterisk Appliance) 1.x before 1.0.3 allows remote attackers to cause a denial of service (memory exhaustion) via a SIP dialog that causes a large number of history entries to be created.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
3047
third-party-advisory
x_refsource_SREASON
ADV-2007-2953
vdb-entry
x_refsource_VUPEN
http://downloads.digium.com/pub/asa/AST-2007-020.html
x_refsource_CONFIRM
25392
vdb-entry
x_refsource_BID
20070821 AST-2007-020: Resource Exhaustion Vulnerability in Asterisk SIP channel driver
mailing-list
x_refsource_FULLDISC
asterisk-sip-dialoghistory-dos(36145)
vdb-entry
x_refsource_XF
26553
third-party-advisory
x_refsource_SECUNIA
1018595
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now