Lucene search

K
cve[email protected]CVE-2011-2665
HistoryJul 06, 2011 - 7:55 p.m.

CVE-2011-2665

2011-07-0619:55:03
web.nvd.nist.gov
37
asterisk
open source
sip
vulnerability
denial of service
cve-2011-2665

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.075 Low

EPSS

Percentile

94.1%

reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.4.3 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a SIP packet with a Contact header that lacks a < (less than) character.

Affected configurations

NVD
Node
digiumasteriskMatch1.8.0
OR
digiumasteriskMatch1.8.0beta1
OR
digiumasteriskMatch1.8.0beta2
OR
digiumasteriskMatch1.8.0beta3
OR
digiumasteriskMatch1.8.0beta4
OR
digiumasteriskMatch1.8.0beta5
OR
digiumasteriskMatch1.8.0rc2
OR
digiumasteriskMatch1.8.0rc3
OR
digiumasteriskMatch1.8.0rc4
OR
digiumasteriskMatch1.8.0rc5
OR
digiumasteriskMatch1.8.1
OR
digiumasteriskMatch1.8.1rc1
OR
digiumasteriskMatch1.8.1.1
OR
digiumasteriskMatch1.8.1.2
OR
digiumasteriskMatch1.8.2
OR
digiumasteriskMatch1.8.2.1
OR
digiumasteriskMatch1.8.2.2
OR
digiumasteriskMatch1.8.2.3
OR
digiumasteriskMatch1.8.2.4
OR
digiumasteriskMatch1.8.3
OR
digiumasteriskMatch1.8.3rc1
OR
digiumasteriskMatch1.8.3rc2
OR
digiumasteriskMatch1.8.3rc3
OR
digiumasteriskMatch1.8.3.1
OR
digiumasteriskMatch1.8.3.2
OR
digiumasteriskMatch1.8.3.3
OR
digiumasteriskMatch1.8.4
OR
digiumasteriskMatch1.8.4rc1
OR
digiumasteriskMatch1.8.4rc2
OR
digiumasteriskMatch1.8.4rc3
OR
digiumasteriskMatch1.8.4.1
OR
digiumasteriskMatch1.8.4.2

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.075 Low

EPSS

Percentile

94.1%