The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP INVITE message with an SDP containing one valid and one invalid IP address.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:28
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://asterisk.org/node/48339 - | |
| References | () http://marc.info/?l=full-disclosure&m=117432783011737&w=2 - | |
| References | () http://secunia.com/advisories/24564 - | |
| References | () http://secunia.com/advisories/24719 - | |
| References | () http://secunia.com/advisories/25582 - | |
| References | () http://security.gentoo.org/glsa/glsa-200704-01.xml - | |
| References | () http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html - | |
| References | () http://www.debian.org/security/2007/dsa-1358 - | |
| References | () http://www.novell.com/linux/security/advisories/2007_34_asterisk.html - | |
| References | () http://www.osvdb.org/34479 - | |
| References | () http://www.securityfocus.com/archive/1/463434/100/0/threaded - | |
| References | () http://www.securityfocus.com/bid/23031 - Patch | |
| References | () http://www.securitytracker.com/id?1017794 - | |
| References | () http://www.sineapps.com/news.php?rssid=1707 - | |
| References | () http://www.vupen.com/english/advisories/2007/1039 - | |
| References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/33068 - |
Information
Published : 2007-03-21 19:19
Updated : 2024-11-21 00:28
NVD link : CVE-2007-1561
Mitre link : CVE-2007-1561
CVE.ORG link : CVE-2007-1561
JSON object : View
Products Affected
asterisk
- asterisk
CWE