5

CVE-2007-3764

The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a certain data length value in a crafted packet, which results in an "overly large memcpy."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AsteriskAsterisk Version1.0
AsteriskAsterisk Version1.0.6
AsteriskAsterisk Version1.0.7
AsteriskAsterisk Version1.0.8
AsteriskAsterisk Version1.0.9
AsteriskAsterisk Version1.0.10
AsteriskAsterisk Version1.0.11
AsteriskAsterisk Version1.0.12
AsteriskAsterisk Version1.2.0_beta1
AsteriskAsterisk Version1.2.0_beta2
AsteriskAsterisk Version1.2.5
AsteriskAsterisk Version1.2.6
AsteriskAsterisk Version1.2.7
AsteriskAsterisk Version1.2.8
AsteriskAsterisk Version1.2.9
AsteriskAsterisk Version1.2.10
AsteriskAsterisk Version1.2.11
AsteriskAsterisk Version1.2.12
AsteriskAsterisk Version1.2.13
AsteriskAsterisk Version1.2.14
AsteriskAsterisk Version1.2.15
AsteriskAsterisk Version1.2.16
AsteriskAsterisk Version1.2.17
AsteriskAsterisk Version1.4.1
AsteriskAsterisk Version1.4.2
AsteriskAsterisk Version1.4.4_2007-04-27
AsteriskAsterisk Version1.4_beta
AsteriskAsterisk Versiona Editionbusiness
AsteriskAsterisk Versionb.1.3.2 Editionbusiness
AsteriskAsterisk Versionb.1.3.3 Editionbusiness
AsteriskAsterisk Versionb.2.2.0 Editionbusiness
AsteriskAsterisknow Versionbeta_5
AsteriskAsterisknow Versionbeta_6
AsteriskS800i Appliance Version1.0
AsteriskS800i Appliance Version1.0.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 31.52% 0.981
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.debian.org/security/2007/dsa-1358
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://bugs.gentoo.org/show_bug.cgi?id=185713
http://secunia.com/advisories/26099
http://secunia.com/advisories/29051
http://security.gentoo.org/glsa/glsa-200802-11.xml
http://www.securitytracker.com/id?1018407
http://www.vupen.com/english/advisories/2007/2563
http://www.securityfocus.com/bid/24950
http://ftp.digium.com/pub/asa/ASA-2007-016.pdf
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/35478