Back to search
CVE-2013-5641
Published: Sep 9, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1.8.17.x through 1.8.22.x, 1.8.23.x before 1.8.23.1, and 11.x before 11.5.1 and Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and daemon crash) via an ACK with SDP to a previously terminated channel. NOTE: some of these details are obtained from third party information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
54534
third-party-advisory
x_refsource_SECUNIA
96691
vdb-entry
x_refsource_OSVDB
20130827 AST-2013-004: Remote Crash From Late Arriving SIP ACK With SDP
mailing-list
x_refsource_BUGTRAQ
54617
third-party-advisory
x_refsource_SECUNIA
DSA-2749
vendor-advisory
x_refsource_DEBIAN
20130827 AST-2013-004: Remote Crash From Late Arriving SIP ACK With SDP
mailing-list
x_refsource_BUGTRAQ
http://downloads.asterisk.org/pub/security/AST-2013-004.html
x_refsource_CONFIRM
62021
vdb-entry
x_refsource_BID
1028956
vdb-entry
x_refsource_SECTRACK
https://issues.asterisk.org/jira/browse/ASTERISK-21064
x_refsource_CONFIRM
MDVSA-2013:223
vendor-advisory
x_refsource_MANDRIVA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now