5

CVE-2007-3765

The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AsteriskAsterisk Version1.0
AsteriskAsterisk Version1.0.6
AsteriskAsterisk Version1.0.7
AsteriskAsterisk Version1.0.8
AsteriskAsterisk Version1.0.9
AsteriskAsterisk Version1.0.10
AsteriskAsterisk Version1.0.11
AsteriskAsterisk Version1.0.12
AsteriskAsterisk Version1.2.0_beta1
AsteriskAsterisk Version1.2.0_beta2
AsteriskAsterisk Version1.2.5
AsteriskAsterisk Version1.2.6
AsteriskAsterisk Version1.2.7
AsteriskAsterisk Version1.2.8
AsteriskAsterisk Version1.2.9
AsteriskAsterisk Version1.2.10
AsteriskAsterisk Version1.2.11
AsteriskAsterisk Version1.2.12
AsteriskAsterisk Version1.2.13
AsteriskAsterisk Version1.2.14
AsteriskAsterisk Version1.2.15
AsteriskAsterisk Version1.2.16
AsteriskAsterisk Version1.2.17
AsteriskAsterisk Version1.4.1
AsteriskAsterisk Version1.4.2
AsteriskAsterisk Version1.4.4_2007-04-27
AsteriskAsterisk Version1.4_beta
AsteriskAsterisk Versiona Editionbusiness
AsteriskAsterisk Versionb.1.3.2 Editionbusiness
AsteriskAsterisk Versionb.1.3.3 Editionbusiness
AsteriskAsterisk Versionb.2.2.0 Editionbusiness
AsteriskAsterisknow Versionbeta_5
AsteriskAsterisknow Versionbeta_6
AsteriskS800i Appliance Version1.0
AsteriskS800i Appliance Version1.0.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.69% 0.741
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/26099
http://www.securitytracker.com/id?1018407
http://www.vupen.com/english/advisories/2007/2563
http://www.securityfocus.com/bid/24950
http://ftp.digium.com/pub/asa/ASA-2007-017.pdf
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/35480