Published: 30/07/2009 Updated: 17/08/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

main/rtp.c in Asterisk Open Source 1.6.1 prior to 1.6.1.2 allows remote malicious users to cause a denial of service (crash) via an RTP text frame without a certain delimiter, which triggers a NULL pointer dereference and the subsequent calculation of an invalid pointer.

Vulnerable Product	Search on Vulmon	Subscribe to Product
digium asterisk 1.6.1

Debian Bug report logs - #539473 CVE-2009-2651: Remote Crash Vulnerability in RTP stack Package: asterisk; Maintainer for asterisk is Debian VoIP Team <pkg-voip-maintainers@listsaliothdebianorg>; Source for asterisk is src:asterisk (PTS, buildd, popcon) Reported by: Giuseppe Iuculano <giuseppe@iuculanoit> Date: S ...

CWE-399 NVD-CWE-noinfo http://secunia.com/advisories/36039 http://downloads.asterisk.org/pub/security/AST-2009-004.html http://downloads.digium.com/pub/security/AST-2009-004-1.6.1.diff.txt http://www.securityfocus.com/bid/35837 http://www.vupen.com/english/advisories/2009/2067 http://www.securitytracker.com/id?1022608 http://osvdb.org/56571 https://exchange.xforce.ibmcloud.com/vulnerabilities/52046 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539473 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-2651

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect