Lucene search
MitreCVE-2015-1558HistoryFeb 09, 2015 - 11:59 a.m.
CVE-2015-1558
2015-02-0911:59:00
CWE-399
mitre
web.nvd.nist.gov
43
asterisk
open source
cve-2015-1558
pjsip
denial of service
nvd
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
AI Score
6.4
Confidence
Low
EPSS
0.007
Percentile
80.4%
Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service (file descriptor consumption) via an SDP offer containing only incompatible codecs.
Affected configurations
Node
digiumasteriskMatch12.0.0
ORdigiumasteriskMatch12.1.0-
ORdigiumasteriskMatch12.1.0rc1
ORdigiumasteriskMatch12.1.0rc2
ORdigiumasteriskMatch12.1.0rc3
ORdigiumasteriskMatch12.1.1
ORdigiumasteriskMatch12.2.0
ORdigiumasteriskMatch12.2.0rc1
ORdigiumasteriskMatch12.2.0rc2
ORdigiumasteriskMatch12.2.0rc3
ORdigiumasteriskMatch12.3.0
ORdigiumasteriskMatch12.3.0rc1
ORdigiumasteriskMatch12.3.0rc2
ORdigiumasteriskMatch12.3.1
ORdigiumasteriskMatch12.3.2
ORdigiumasteriskMatch12.4.0
ORdigiumasteriskMatch12.4.0rc1
ORdigiumasteriskMatch12.5.0
ORdigiumasteriskMatch12.5.0rc1
ORdigiumasteriskMatch12.6.0
ORdigiumasteriskMatch12.6.0rc1
ORdigiumasteriskMatch12.7.0lts
ORdigiumasteriskMatch12.7.0rc1
ORdigiumasteriskMatch12.7.0rc2
ORdigiumasteriskMatch12.8.0
ORdigiumasteriskMatch12.8.0rc1
ORdigiumasteriskMatch12.8.0rc2
ORdigiumasteriskMatch12.8.1
ORdigiumasteriskMatch13.0.0
ORdigiumasteriskMatch13.1.0
ORdigiumasteriskMatch13.1.0rc1
ORdigiumasteriskMatch13.1.0rc2
ORdigiumasteriskMatch13.2.0
ORdigiumasteriskMatch13.2.0rc1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| digium | asterisk | 12.0.0 | cpe:2.3:a:digium:asterisk:12.0.0:*:*:*:*:*:*:* |
| digium | asterisk | 12.1.0 | cpe:2.3:a:digium:asterisk:12.1.0:-:*:*:*:*:*:* |
| digium | asterisk | 12.1.0 | cpe:2.3:a:digium:asterisk:12.1.0:rc1:*:*:*:*:*:* |
| digium | asterisk | 12.1.0 | cpe:2.3:a:digium:asterisk:12.1.0:rc2:*:*:*:*:*:* |
| digium | asterisk | 12.1.0 | cpe:2.3:a:digium:asterisk:12.1.0:rc3:*:*:*:*:*:* |
| digium | asterisk | 12.1.1 | cpe:2.3:a:digium:asterisk:12.1.1:*:*:*:*:*:*:* |
| digium | asterisk | 12.2.0 | cpe:2.3:a:digium:asterisk:12.2.0:*:*:*:*:*:*:* |
| digium | asterisk | 12.2.0 | cpe:2.3:a:digium:asterisk:12.2.0:rc1:*:*:*:*:*:* |
| digium | asterisk | 12.2.0 | cpe:2.3:a:digium:asterisk:12.2.0:rc2:*:*:*:*:*:* |
| digium | asterisk | 12.2.0 | cpe:2.3:a:digium:asterisk:12.2.0:rc3:*:*:*:*:*:* |
Related
prion
prion
Code injection
2015-02-09 11:59:00
nessus
nessus
debiancve
debiancve
CVE-2015-1558
2015-02-09 11:59:00
ubuntucve
ubuntucve
CVE-2015-1558
2015-02-09 00:00:00
cvelist
cvelist
CVE-2015-1558
2015-02-09 11:00:00
freebsd
freebsd
asterisk -- File descriptor leak when incompatible codecs are offered
2015-01-06 00:00:00
nvd
nvd
CVE-2015-1558
2015-02-09 11:59:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
AI Score
6.4
Confidence
Low
EPSS
0.007
Percentile
80.4%
Related for CVE-2015-1558