Lucene search

K
ubuntucveUbuntu.comUB:CVE-2011-2665
HistoryJul 06, 2011 - 12:00 a.m.

CVE-2011-2665

2011-07-0600:00:00
ubuntu.com
ubuntu.com
6

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.075 Low

EPSS

Percentile

94.1%

reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x
before 1.8.4.3 allows remote attackers to cause a denial of service (NULL
pointer dereference and daemon crash) via a SIP packet with a Contact
header that lacks a < (less than) character.

Notes

Author Note
mdeslaur probably 1.8.x only

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.075 Low

EPSS

Percentile

94.1%