The channel driver in Asterisk prior to 1.2.17 and 1.4.x prior to 1.4.2 allows remote malicious users to cause a denial of service (crash) via a SIP INVITE message with an SDP containing one valid and one invalid IP address.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
asterisk asterisk 1.2.15 |
||
asterisk asterisk 1.2.16 |
||
asterisk asterisk 1.4.1 |
||
asterisk asterisk 1.2.14 |