Lucene search
HistoryJun 02, 2012 - 3:55 p.m.
CVE-2012-2947
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
Low
0.017 Low
EPSS
Percentile
87.9%
chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1, when a certain mohinterpret setting is enabled, allows remote attackers to cause a denial of service (daemon crash) by placing a call on hold.
Affected configurations
Node
debiandebian_linuxMatch6.0
Node
digiumasteriskMatch1.8.0
ORdigiumasteriskMatch1.8.0beta1
ORdigiumasteriskMatch1.8.0beta2
ORdigiumasteriskMatch1.8.0beta3
ORdigiumasteriskMatch1.8.0beta4
ORdigiumasteriskMatch1.8.0beta5
ORdigiumasteriskMatch1.8.0rc2
ORdigiumasteriskMatch1.8.0rc3
ORdigiumasteriskMatch1.8.0rc4
ORdigiumasteriskMatch1.8.0rc5
ORdigiumasteriskMatch1.8.1
ORdigiumasteriskMatch1.8.1rc1
ORdigiumasteriskMatch1.8.1.1
ORdigiumasteriskMatch1.8.1.2
ORdigiumasteriskMatch1.8.2
ORdigiumasteriskMatch1.8.2.1
ORdigiumasteriskMatch1.8.2.2
ORdigiumasteriskMatch1.8.2.3
ORdigiumasteriskMatch1.8.2.4
ORdigiumasteriskMatch1.8.3
ORdigiumasteriskMatch1.8.3rc1
ORdigiumasteriskMatch1.8.3rc2
ORdigiumasteriskMatch1.8.3rc3
ORdigiumasteriskMatch1.8.3.1
ORdigiumasteriskMatch1.8.3.2
ORdigiumasteriskMatch1.8.3.3
ORdigiumasteriskMatch1.8.4
ORdigiumasteriskMatch1.8.4rc1
ORdigiumasteriskMatch1.8.4rc2
ORdigiumasteriskMatch1.8.4rc3
ORdigiumasteriskMatch1.8.4.1
ORdigiumasteriskMatch1.8.4.2
ORdigiumasteriskMatch1.8.4.3
ORdigiumasteriskMatch1.8.4.4
ORdigiumasteriskMatch1.8.5
ORdigiumasteriskMatch1.8.5rc1
ORdigiumasteriskMatch1.8.5.0
ORdigiumasteriskMatch1.8.6.0
ORdigiumasteriskMatch1.8.6.0rc1
ORdigiumasteriskMatch1.8.6.0rc2
ORdigiumasteriskMatch1.8.6.0rc3
ORdigiumasteriskMatch1.8.7.0
ORdigiumasteriskMatch1.8.7.0rc1
ORdigiumasteriskMatch1.8.7.0rc2
ORdigiumasteriskMatch1.8.7.1
ORdigiumasteriskMatch1.8.8.0
ORdigiumasteriskMatch1.8.8.0rc1
ORdigiumasteriskMatch1.8.8.0rc2
ORdigiumasteriskMatch1.8.8.0rc3
ORdigiumasteriskMatch1.8.8.0rc4
ORdigiumasteriskMatch1.8.8.0rc5
ORdigiumasteriskMatch1.8.8.1
ORdigiumasteriskMatch1.8.8.2
ORdigiumasteriskMatch1.8.9.0
ORdigiumasteriskMatch1.8.9.0rc1
ORdigiumasteriskMatch1.8.9.0rc2
ORdigiumasteriskMatch1.8.9.0rc3
ORdigiumasteriskMatch1.8.9.1
ORdigiumasteriskMatch1.8.9.2
ORdigiumasteriskMatch1.8.9.3
ORdigiumasteriskMatch1.8.10.0
ORdigiumasteriskMatch1.8.10.0rc1
ORdigiumasteriskMatch1.8.10.0rc2
ORdigiumasteriskMatch1.8.10.0rc3
ORdigiumasteriskMatch1.8.10.0rc4
ORdigiumasteriskMatch1.8.10.1
ORdigiumasteriskMatch1.8.11.0
ORdigiumasteriskMatch1.8.11.0rc2
ORdigiumasteriskMatch1.8.11.0rc3
ORdigiumasteriskMatch1.8.11.1
ORdigiumasteriskMatch1.8.12
ORdigiumasteriskMatch1.8.12.0
ORdigiumasteriskMatch1.8.12.0rc1
ORdigiumasteriskMatch1.8.12.0rc2
ORdigiumasteriskMatch1.8.12.0rc3
Node
digiumasteriskMatch10.0.0
ORdigiumasteriskMatch10.0.0beta1
ORdigiumasteriskMatch10.0.0beta2
ORdigiumasteriskMatch10.0.0rc1
ORdigiumasteriskMatch10.0.0rc2
ORdigiumasteriskMatch10.0.0rc3
ORdigiumasteriskMatch10.0.1
ORdigiumasteriskMatch10.1.0
ORdigiumasteriskMatch10.1.0rc1
ORdigiumasteriskMatch10.1.0rc2
ORdigiumasteriskMatch10.1.1
ORdigiumasteriskMatch10.1.2
ORdigiumasteriskMatch10.1.3
ORdigiumasteriskMatch10.2.0
ORdigiumasteriskMatch10.2.0rc1
ORdigiumasteriskMatch10.2.0rc2
ORdigiumasteriskMatch10.2.0rc3
ORdigiumasteriskMatch10.2.0rc4
ORdigiumasteriskMatch10.2.1
ORdigiumasteriskMatch10.3.0
ORdigiumasteriskMatch10.3.0rc2
ORdigiumasteriskMatch10.3.0rc3
ORdigiumasteriskMatch10.3.1
ORdigiumasteriskMatch10.4.0
ORdigiumasteriskMatch10.4.0rc1
ORdigiumasteriskMatch10.4.0rc2
ORdigiumasteriskMatch10.4.0rc3
Node
digiumcertified_asteriskMatch1.8.11cert
ORdigiumcertified_asteriskMatch1.8.11cert1
Related
nessus
nessus
Asterisk Remote Crash Vulnerability in IAX2 Channel Driver (AST-2012-007)
2012-06-14 00:00:00
Fedora 16 : asterisk-1.8.12.2-1.fc16 (2012-8692)
2012-06-18 00:00:00
Fedora 17 : asterisk-10.4.2-1.fc17 (2012-8670)
2012-06-11 00:00:00
debiancve
debiancve
CVE-2012-2947
2012-06-02 15:55:00
prion
prion
Design/Logic Flaw
2012-06-02 15:55:00
cvelist
cvelist
CVE-2012-2947
2012-06-02 15:00:00
openvas
openvas
Fedora Update for asterisk FEDORA-2012-8692
2012-06-19 00:00:00
Fedora Update for asterisk FEDORA-2012-8685
2012-06-19 00:00:00
Fedora Update for asterisk FEDORA-2012-8685
2012-06-19 00:00:00
ubuntucve
ubuntucve
CVE-2012-2947
2012-06-02 00:00:00
securityvulns
securityvulns
AST-2012-007: Remote crash vulnerability in IAX2 channel driver.
2012-05-31 00:00:00
Asterisk security vulnerabilities
2012-05-31 00:00:00
cve
cve
CVE-2012-2947
2012-06-02 15:55:00
fedora
fedora
[SECURITY] Fedora 16 Update: asterisk-1.8.12.2-1.fc16
2012-06-15 23:53:31
[SECURITY] Fedora 17 Update: asterisk-10.4.2-1.fc17
2012-06-10 01:36:23
[SECURITY] Fedora 15 Update: asterisk-1.8.12.2-1.fc15
2012-06-15 23:54:12
freebsd
freebsd
asterisk -- multiple vulnerabilities
2012-05-29 00:00:00
debian
debian
[SECURITY] [DSA 2493-1] asterisk security update
2012-06-12 19:38:06
osv
osv
asterisk - denial of service
2012-06-12 00:00:00
gentoo
gentoo
Asterisk: Multiple vulnerabilities
2012-06-21 00:00:00
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
6.3 Medium
AI Score
Confidence
Low
0.017 Low
EPSS
Percentile
87.9%
Related for NVD:CVE-2012-2947