CVE Reference: CVE-2013-5641

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2013-5641

Description:
The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1.8.17.x through 1.8.22.x, 1.8.23.x before 1.8.23.1, and 11.x before 11.5.1 and Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and daemon crash) via an ACK with SDP to a previously terminated channel. NOTE: some of these details are obtained from third party information.

CVE Status:
Candidate

References:

ST
  1028956

SAID
  Secunia Advisory: SA54534
  Secunia Advisory: SA54617

OSVDB
  96691

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDVSA-2013:223

DEBIAN
  http://www.debian.org/security/2013/dsa-2749

CONFIRM
  http://downloads.asterisk.org/pub/security/AST-2013-004.html

BUGTRAQ
  http://seclists.org/bugtraq/2013/Aug/185
  http://archives.neohapsis.com/archives/bugtraq/2013-08/0175.html

BID
  62021


Return to the previous page.