7.8

CVE-2006-5445

Unspecified vulnerability in the SIP channel driver (channels/chan_sip.c) in Asterisk 1.2.x before 1.2.13 and 1.4.x before 1.4.0-beta3 allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors that result in the creation of "a real pvt structure" that uses more resources than necessary.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DigiumAsterisk Version1.2.0_beta1
DigiumAsterisk Version1.2.0_beta2
DigiumAsterisk Version1.2.6
DigiumAsterisk Version1.2.7
DigiumAsterisk Version1.2.8
DigiumAsterisk Version1.2.9
DigiumAsterisk Version1.2.10
DigiumAsterisk Version1.2.11
DigiumAsterisk Version1.2.12
DigiumAsterisk Version1.2.12.1
DigiumAsterisk Version1.4.0
DigiumAsterisk Version1.4.0_beta1
DigiumAsterisk Version1.4.0_beta2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.37% 0.872
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/22651
http://www.gentoo.org/security/en/glsa/glsa-200610-15.xml
http://ftp.digium.com/pub/asterisk/releases/ChangeLog-1.2.13
Patch
http://secunia.com/advisories/22979
http://www.asterisk.org/node/109
Patch
http://www.novell.com/linux/security/advisories/2006_69_asterisk.html
http://www.securityfocus.com/archive/1/449183/100/0/threaded
http://www.asterisk.org/node/110
Patch
http://www.osvdb.org/29973
http://www.securityfocus.com/bid/20835
http://www.vupen.com/english/advisories/2006/4098
https://exchange.xforce.ibmcloud.com/vulnerabilities/29664