Back to search
CVE-2011-4063
Published: Oct 21, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1026191
vdb-entry
x_refsource_SECTRACK
8478
third-party-advisory
x_refsource_SREASON
46420
third-party-advisory
x_refsource_SECUNIA
20111017 AST-2011-012: Remote crash vulnerability in SIP channel driver
mailing-list
x_refsource_BUGTRAQ
50177
vdb-entry
x_refsource_BID
asterisk-sip-channel-driver-dos(70706)
vdb-entry
x_refsource_XF
http://downloads.digium.com/pub/security/AST-2011-012.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now