CVE-2011-2216

2011-06-06T19:55:00
ID CVE-2011-2216
Type cve
Reporter cve@mitre.org
Modified 2018-10-09T19:32:00

Description

reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.4.2 does not initialize certain strings, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed Contact header. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'