Lucene search
HistoryFeb 09, 2015 - 11:59 a.m.
CVE-2015-1558
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
AI Score
6.2
Confidence
High
EPSS
0.007
Percentile
80.4%
Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service (file descriptor consumption) via an SDP offer containing only incompatible codecs.
Affected configurations
Node
digiumasteriskMatch12.0.0
ORdigiumasteriskMatch12.1.0-
ORdigiumasteriskMatch12.1.0rc1
ORdigiumasteriskMatch12.1.0rc2
ORdigiumasteriskMatch12.1.0rc3
ORdigiumasteriskMatch12.1.1
ORdigiumasteriskMatch12.2.0
ORdigiumasteriskMatch12.2.0rc1
ORdigiumasteriskMatch12.2.0rc2
ORdigiumasteriskMatch12.2.0rc3
ORdigiumasteriskMatch12.3.0
ORdigiumasteriskMatch12.3.0rc1
ORdigiumasteriskMatch12.3.0rc2
ORdigiumasteriskMatch12.3.1
ORdigiumasteriskMatch12.3.2
ORdigiumasteriskMatch12.4.0
ORdigiumasteriskMatch12.4.0rc1
ORdigiumasteriskMatch12.5.0
ORdigiumasteriskMatch12.5.0rc1
ORdigiumasteriskMatch12.6.0
ORdigiumasteriskMatch12.6.0rc1
ORdigiumasteriskMatch12.7.0lts
ORdigiumasteriskMatch12.7.0rc1
ORdigiumasteriskMatch12.7.0rc2
ORdigiumasteriskMatch12.8.0
ORdigiumasteriskMatch12.8.0rc1
ORdigiumasteriskMatch12.8.0rc2
ORdigiumasteriskMatch12.8.1
ORdigiumasteriskMatch13.0.0
ORdigiumasteriskMatch13.1.0
ORdigiumasteriskMatch13.1.0rc1
ORdigiumasteriskMatch13.1.0rc2
ORdigiumasteriskMatch13.2.0
ORdigiumasteriskMatch13.2.0rc1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| digium | asterisk | 12.0.0 | cpe:2.3:a:digium:asterisk:12.0.0:*:*:*:*:*:*:* |
| digium | asterisk | 12.1.0 | cpe:2.3:a:digium:asterisk:12.1.0:-:*:*:*:*:*:* |
| digium | asterisk | 12.1.0 | cpe:2.3:a:digium:asterisk:12.1.0:rc1:*:*:*:*:*:* |
| digium | asterisk | 12.1.0 | cpe:2.3:a:digium:asterisk:12.1.0:rc2:*:*:*:*:*:* |
| digium | asterisk | 12.1.0 | cpe:2.3:a:digium:asterisk:12.1.0:rc3:*:*:*:*:*:* |
| digium | asterisk | 12.1.1 | cpe:2.3:a:digium:asterisk:12.1.1:*:*:*:*:*:*:* |
| digium | asterisk | 12.2.0 | cpe:2.3:a:digium:asterisk:12.2.0:*:*:*:*:*:*:* |
| digium | asterisk | 12.2.0 | cpe:2.3:a:digium:asterisk:12.2.0:rc1:*:*:*:*:*:* |
| digium | asterisk | 12.2.0 | cpe:2.3:a:digium:asterisk:12.2.0:rc2:*:*:*:*:*:* |
| digium | asterisk | 12.2.0 | cpe:2.3:a:digium:asterisk:12.2.0:rc3:*:*:*:*:*:* |
Related
prion
prion
Code injection
2015-02-09 11:59:00
freebsd
freebsd
asterisk -- File descriptor leak when incompatible codecs are offered
2015-01-06 00:00:00
cve
cve
CVE-2015-1558
2015-02-09 11:59:00
ubuntucve
ubuntucve
CVE-2015-1558
2015-02-09 00:00:00
cvelist
cvelist
CVE-2015-1558
2015-02-09 11:00:00
debiancve
debiancve
CVE-2015-1558
2015-02-09 11:59:00
nessus
nessus
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
AI Score
6.2
Confidence
High
EPSS
0.007
Percentile
80.4%
Related for NVD:CVE-2015-1558