Back to search
CVE-2011-1175
Published: Mar 31, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by establishing many short TCP sessions to services that use a certain TLS API.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
FEDORA-2011-3945
vendor-advisory
x_refsource_FEDORA
asterisk-handletcptlsconnection-dos(66140)
vdb-entry
x_refsource_XF
http://downloads.asterisk.org/pub/security/AST-2011-004.html
x_refsource_CONFIRM
DSA-2225
vendor-advisory
x_refsource_DEBIAN
FEDORA-2011-3942
vendor-advisory
x_refsource_FEDORA
[oss-security] 20110317 CVE request for Asterisk flaws
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=688678
x_refsource_CONFIRM
FEDORA-2011-3958
vendor-advisory
x_refsource_FEDORA
ADV-2011-0686
vdb-entry
x_refsource_VUPEN
ADV-2011-0790
vdb-entry
x_refsource_VUPEN
1025224
vdb-entry
x_refsource_SECTRACK
46898
vdb-entry
x_refsource_BID
[oss-security] 20110321 Re: CVE request for Asterisk flaws
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now