chan_sip.c in Asterisk Open Source 1.8.x prior to 1.8.8.2 and 10.x prior to 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
asterisk open source 1.8.0 |
||
asterisk open source 1.8.2 |
||
asterisk open source 1.8.2.1 |
||
asterisk open source 1.8.2.2 |
||
asterisk open source 1.8.4.1 |
||
asterisk open source 1.8.4.2 |
||
asterisk open source 1.8.4.3 |
||
asterisk open source 1.8.4.4 |
||
asterisk open source 1.8.8.0 |
||
asterisk open source 1.8.3 |
||
asterisk open source 1.8.3.1 |
||
asterisk open source 1.8.3.2 |
||
asterisk open source 1.8.3.3 |
||
asterisk open source 1.8.6.0 |
||
asterisk open source 1.8.7.0 |
||
asterisk open source 1.8.1 |
||
asterisk open source 1.8.1.1 |
||
asterisk open source 1.8.2.4 |
||
asterisk open source 1.8.4 |
||
asterisk open source 1.8.5 |
||
asterisk open source 1.8.7.1 |
||
asterisk open source 1.8.1.2 |
||
asterisk open source 1.8.2.3 |
||
asterisk open source 1.8.5.0 |
||
asterisk open source 1.8.7.2 |
||
asterisk open source 1.8.8.1 |
||
asterisk open source 10.0.0 |
Vulmon