Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-2948
HistoryJun 02, 2012 - 12:00 a.m.

CVE-2012-2948

2012-06-0200:00:00
ubuntu.com
ubuntu.com
9

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.96 High

EPSS

Percentile

99.5%

JSON

chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk
1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before
1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause
a denial of service (NULL pointer dereference and daemon crash) by closing
a connection in off-hook mode.
A remote attacker with a valid SCCP ID can can use this vulnerability by
closing a connection to the Asterisk server in certain call states (e.g. “Off
hook”) to crash the server. Successful exploitation of this vulnerability would
result in termination of the server, causing denial of service to legitimate
users.

Bugs

Related

nessus 4
securityvulns 2
prion 2
checkpoint_advisories 1
debiancve 2
cve 2
openvas 8
freebsd 1
ubuntucve 1
debian 1
osv 1
gentoo 1
nessus
nessus
Asterisk Remote Crash Vulnerability in Skinny Channel Driver (AST-2012-008)
2012-06-14 00:00:00
FreeBSD : asterisk -- multiple vulnerabilities (359f615d-a9e1-11e1-8a66-14dae9ebcf89)
2012-05-30 00:00:00
Debian DSA-2493-1 : asterisk - denial of service
2012-06-29 00:00:00
securityvulns
securityvulns
AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability
2012-05-31 00:00:00
Asterisk security vulnerabilities
2012-05-31 00:00:00
prion
prion
Null pointer dereference
2012-06-02 15:55:00
Null pointer dereference
2012-06-19 20:55:00
checkpoint_advisories
checkpoint_advisories
Digium Asterisk Skinny Channel NULL-Pointer Dereference (CVE-2012-2948)
2012-08-27 00:00:00
debiancve
debiancve
CVE-2012-2948
2012-06-02 15:55:00
CVE-2012-3553
2012-06-19 20:55:00
cve
cve
CVE-2012-2948
2012-06-02 15:55:00
CVE-2012-3553
2012-06-19 20:55:00
openvas
openvas
FreeBSD Ports: asterisk10
2012-08-10 00:00:00
FreeBSD Ports: asterisk16
2012-05-31 00:00:00
FreeBSD Ports: asterisk16
2012-05-31 00:00:00
freebsd
freebsd
asterisk -- multiple vulnerabilities
2012-05-29 00:00:00
ubuntucve
ubuntucve
CVE-2012-3553
2012-06-19 00:00:00
debian
debian
[SECURITY] [DSA 2493-1] asterisk security update
2012-06-12 19:38:28
osv
osv
asterisk - denial of service
2012-06-12 00:00:00
gentoo
gentoo
Asterisk: Multiple vulnerabilities
2012-06-21 00:00:00

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.96 High

EPSS

Percentile

99.5%

JSON
Related for UB:CVE-2012-2948
nessus4securityvulns2prion2checkpoint_advisories1debiancve2cve2openvas8freebsd1ubuntucve1debian1osv1gentoo1