5
CVE-2011-1507
- EPSS 2.5%
- Veröffentlicht 27.04.2011 00:55:04
- Zuletzt bearbeitet 16.06.2026 23:29:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 do not restrict the number of unauthenticated sessions to certain interfaces, which allows remote attackers to cause a denial of service (file descriptor exhaustion and disk space exhaustion) via a series of TCP connections.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.5% | 0.827 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
http://www.debian.org/security/2011/dsa-2225
http://downloads.digium.com/pub/security/AST-2011-005.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058922.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059702.html
http://secunia.com/advisories/44197
http://secunia.com/advisories/44529
http://securitytracker.com/id?1025432
http://www.vupen.com/english/advisories/2011/1086
http://www.vupen.com/english/advisories/2011/1107
http://www.vupen.com/english/advisories/2011/1188
https://bugzilla.redhat.com/show_bug.cgi?id=698916