Published: 04/02/2010 Updated: 10/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Asterisk Open Source 1.6.0.x prior to 1.6.0.22, 1.6.1.x prior to 1.6.1.14, and 1.6.2.x prior to 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote malicious users to cause a denial of service (daemon crash) via an SIP T.38 negotiation with an SDP FaxMaxDatagram field that is (1) missing, (2) modified to contain a negative number, or (3) modified to contain a large number.

Vulnerable Product	Search on Vulmon	Subscribe to Product
asterisk asterisk 1.6.0
asterisk asterisk 1.6.0.9
asterisk asterisk 1.6.0.10
asterisk asterisk 1.6.0.17
asterisk asterisk 1.6.0.18
asterisk asterisk 1.6.0.21
asterisk asterisk 1.6.10-rc2
asterisk asterisk 1.6.1.7-rc1
asterisk asterisk 1.6.1.7-rc2
asterisk asterisk 1.6.1.11
asterisk asterisk 1.6.1.12
asterisk asterisk c.3.1.1
asterisk asterisk c.3.1.0
asterisk asterisk 1.6.0.6
asterisk asterisk 1.6.0.7
asterisk asterisk 1.6.0.8
asterisk asterisk 1.6.0.16-rc1
asterisk asterisk 1.6.0.16-rc2
asterisk asterisk 1.6.0.20
asterisk asterisk 1.6.0.20-rc1
asterisk asterisk 1.6.1.4
asterisk asterisk 1.6.1.5
asterisk asterisk 1.6.1.6
asterisk asterisk 1.6.1.10-rc2
asterisk asterisk 1.6.1.10-rc3
asterisk asterisk 1.6.1.13-rc1
asterisk asterisk 1.6.0.21-rc1
asterisk asterisk 1.6.0.1
asterisk asterisk 1.6.0.2
asterisk asterisk 1.6.0.12
asterisk asterisk 1.6.0.13
asterisk asterisk 1.6.0.18-rc1
asterisk asterisk 1.6.0.18-rc2
asterisk asterisk 1.6.10-rc1
asterisk asterisk 1.6.1.0
asterisk asterisk 1.6.1.8
asterisk asterisk 1.6.1.9
asterisk asterisk 1.6.1.12-rc1
asterisk asterisk 1.6.2.1
asterisk asterisk c.3.2.2
asterisk asterisk c.3.3.3
asterisk asterisk 1.6.0.3
asterisk asterisk 1.6.0.5
asterisk asterisk 1.6.0.14
asterisk asterisk 1.6.0.15
asterisk asterisk 1.6.0.18-rc3
asterisk asterisk 1.6.0.19
asterisk asterisk 1.6.1.1
asterisk asterisk 1.6.1.2
asterisk asterisk 1.6.1.10
asterisk asterisk 1.6.1.10-rc1
asterisk asterisk 1.6.2.1-rc1
asterisk asterisk 1.6.1.13

CWE-20 http://www.securityfocus.com/bid/38047 http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.0.diff https://issues.asterisk.org/view.php?id=16517 http://downloads.asterisk.org/pub/security/AST-2010-001.html http://www.vupen.com/english/advisories/2010/0289 http://secunia.com/advisories/38395 http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.2.diff https://issues.asterisk.org/view.php?id=16724 http://securitytracker.com/id?1023532 https://issues.asterisk.org/view.php?id=16634 http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.1.diff http://secunia.com/advisories/39096 http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037679.html http://www.securityfocus.com/archive/1/509327/100/0/threaded https://nvd.nist.gov

CVE-2010-0441

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect