7.9 High
AI Score
Confidence
Low
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.956 High
EPSS
Percentile
99.4%
Multiple stack-based buffer overflows in the process_sdp function in chan_sip.c of the SIP channel T.38 SDP parser in Asterisk before 1.4.3 allow remote attackers to execute arbitrary code via a long (1) T38FaxRateManagement or (2) T38FaxUdpEC SDP parameter in an SIP message, as demonstrated using SIP INVITE.
CPE | Name | Operator | Version |
---|---|---|---|
asterisk:asterisk | asterisk | eq | 1.4_beta |
asterisk:asterisk | asterisk | eq | 1.4.2 |
asterisk:asterisk | asterisk | eq | 1.4.1 |
secunia.com/advisories/24977
securityreason.com/securityalert/2645
www.asterisk.org/files/ASA-2007-010.pdf
www.osvdb.org/35368
www.securityfocus.com/archive/1/466883/100/0/threaded
www.securityfocus.com/archive/1/472804/100/0/threaded
www.securityfocus.com/bid/23648
www.securitytracker.com/id?1017951
www.securitytracker.com/id?1018337
www.vupen.com/english/advisories/2007/1534
exchange.xforce.ibmcloud.com/vulnerabilities/33895