7.8

CVE-2007-1594

The handle_response function in chan_sip.c in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP Response code 0 in a SIP packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AsteriskAsterisk Version0.1.7
AsteriskAsterisk Version0.1.8
AsteriskAsterisk Version0.1.9
AsteriskAsterisk Version0.1.9_1
AsteriskAsterisk Version0.1.11
AsteriskAsterisk Version0.2
AsteriskAsterisk Version0.3
AsteriskAsterisk Version0.4
AsteriskAsterisk Version0.7.0
AsteriskAsterisk Version0.7.1
AsteriskAsterisk Version0.7.2
AsteriskAsterisk Version0.9.0
AsteriskAsterisk Version1.0
AsteriskAsterisk Version1.0.6
AsteriskAsterisk Version1.0.7
AsteriskAsterisk Version1.0.8
AsteriskAsterisk Version1.0.9
AsteriskAsterisk Version1.0.10
AsteriskAsterisk Version1.0.11
AsteriskAsterisk Version1.0.12
AsteriskAsterisk Version1.2.0_beta1
AsteriskAsterisk Version1.2.0_beta2
AsteriskAsterisk Version1.2.5
AsteriskAsterisk Version1.2.6
AsteriskAsterisk Version1.2.7
AsteriskAsterisk Version1.2.8
AsteriskAsterisk Version1.2.9
AsteriskAsterisk Version1.2.10
AsteriskAsterisk Version1.2.11
AsteriskAsterisk Version1.2.12
AsteriskAsterisk Version1.2.13
AsteriskAsterisk Version1.2.14
AsteriskAsterisk Version1.2.15
AsteriskAsterisk Version1.2.16
AsteriskAsterisk Version1.2.17
AsteriskAsterisk Version1.4.1
AsteriskAsterisk Version1.4_beta
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.62% 0.834
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/25582
http://www.novell.com/linux/security/advisories/2007_34_asterisk.html
http://secunia.com/advisories/24719
http://security.gentoo.org/glsa/glsa-200704-01.xml
http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html
Vendor Advisory
http://www.securityfocus.com/archive/1/463434/100/0/threaded
http://www.sineapps.com/news.php?rssid=1707
Vendor Advisory
http://bugs.digium.com/view.php?id=9313
Vendor Advisory
http://secunia.com/advisories/24579
Patch
Vendor Advisory
http://svn.digium.com/view/asterisk/trunk/channels/chan_sip.c?r1=58907&r2=59038
http://www.asterisk.org/node/48338
http://www.securityfocus.com/bid/23093
http://www.securitytracker.com/id?1017809
http://www.vupen.com/english/advisories/2007/1077