Published: 04/01/2013 Updated: 02/02/2013

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Asterisk Open Source 1.8.x prior to 1.8.19.1, 10.x prior to 10.11.1, and 11.x prior to 11.1.2; Certified Asterisk 1.8.11 prior to 1.8.11-cert10; and Asterisk Digiumphones 10.x-digiumphones prior to 10.11.1-digiumphones, when anonymous calls are enabled, allow remote malicious users to cause a denial of service (resource consumption) by making anonymous calls from multiple sources and consequently adding many entries to the device state cache.

Vulnerable Product	Search on Vulmon	Subscribe to Product
digium asterisk 1.8.12.0
digium asterisk 1.8.10.0
digium asterisk 1.8.11.0
digium asterisk 1.8.9.2
digium asterisk 1.8.9.3
digium asterisk 1.8.8.2
digium asterisk 1.8.9.0
digium asterisk 1.8.13.0
digium asterisk 1.8.15.0
digium asterisk 1.8.14.1
digium asterisk 1.8.0
digium asterisk 1.8.3
digium asterisk 1.8.3.1
digium asterisk 1.8.6.0
digium asterisk 1.8.17.0
digium asterisk 1.8.8.0
digium asterisk 1.8.11.1
digium asterisk 1.8.14.0
digium asterisk 1.8.4
digium asterisk 1.8.2.3
digium asterisk 1.8.5.0
digium asterisk 1.8.5
digium asterisk 1.8.7.0
digium asterisk 1.8.7.1
digium asterisk 1.8.18.0
digium asterisk 1.8.10.1
digium asterisk 1.8.12
digium asterisk 1.8.8.1
digium asterisk 1.8.1.1
digium asterisk 1.8.4.1
digium asterisk 1.8.1
digium asterisk 1.8.2
digium asterisk 1.8.4.4
digium asterisk 1.8.2.4
digium asterisk 1.8.19.0
digium asterisk 1.8.1.2
digium asterisk 1.8.9.1
digium asterisk 1.8.13.1
digium asterisk 1.8.15.1
digium asterisk 1.8.3.3
digium asterisk 1.8.2.2
digium asterisk 1.8.2.1
digium asterisk 1.8.4.3
digium asterisk 1.8.4.2
digium asterisk 1.8.3.2
digium asterisk 1.8.16.0
digium asterisk 1.8.18.1
digium asterisk
digium asterisk 10.4.0
digium asterisk 10.2.0
digium asterisk 10.0.1
digium asterisk 10.1.0
digium asterisk 10.5.0
digium asterisk 10.4.1
digium asterisk 10.5.2
digium asterisk 10.7.0
digium asterisk 10.9.0
digium asterisk 10.11.0
digium asterisk 10.3.1
digium asterisk 10.3.0
digium asterisk 10.1.3
digium asterisk 10.0.0
digium asterisk 10.5.1
digium asterisk 10.6.0
digium asterisk 10.6.1
digium asterisk 10.7.1
digium asterisk 10.8.0
digium asterisk 10.10.0
digium asterisk 10.2.1
digium asterisk 10.1.2
digium asterisk 10.1.1
digium asterisk 10.4.2
digium asterisk 10.10.1
digium asterisk 11.0.0
digium asterisk 11.1.0
digium asterisk 11.1.1
digium asterisk 11.0.2
digium asterisk 11.0.1
digium certified asterisk 1.8.11

Debian Bug report logs - #704114 asterisk: asterisk security advisories: AST-2013-001 / AST-2013-002 / AST-2013-003 Package: asterisk; Maintainer for asterisk is Debian VoIP Team <pkg-voip-maintainers@listsaliothdebianorg>; Source for asterisk is src:asterisk (PTS, buildd, popcon) Reported by: Salvatore Bonaccorso <car ...

Debian Bug report logs - #697230 asterisk: Two security issues: AST-2012-014 / AST-2012-015 Package: asterisk; Maintainer for asterisk is Debian VoIP Team <pkg-voip-maintainers@listsaliothdebianorg>; Source for asterisk is src:asterisk (PTS, buildd, popcon) Reported by: Salvatore Bonaccorso <carnil@debianorg> Dat ...

Several vulnerabilities were discovered in Asterisk, a PBX and telephony toolkit, that allow remote attackers to perform denial of service attacks For the stable distribution (squeeze), these problems have been fixed in version 1:1629-2+squeeze10 For the testing distribution (wheezy) and unstable distribution (sid), these problems will be fixe ...

CWE-119 http://downloads.asterisk.org/pub/security/AST-2012-015 https://issues.asterisk.org/jira/browse/ASTERISK-20175 http://www.debian.org/security/2013/dsa-2605 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704114 https://www.debian.org/security/./dsa-2605

CVE-2012-5977

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect