Test Kennung:	1.3.6.1.4.1.25623.1.0.802063
Kategorie:	Denial of Service
Titel:	Asterisk Products Invalid SDP SIP Channel Driver DoS Vulnerability
Zusammenfassung:	Asterisk Server is prone to a denial of service (DoS) vulnerability.
Beschreibung:	Summary: Asterisk Server is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Error within the SIP channel driver when handling a crafted SDP in a SIP request. Vulnerability Impact: Successful exploitation could allow remote attackers to cause a denial of service via a crafted SDP in a SIP request. Affected Software/OS: Asterisk Open Source 1.8.x to 1.8.23.0, 10.x to 10.12.2 and 11.x to 11.5.0 Certified Asterisk 1.8.15 to 1.8.15-cert2 and 11.2 to 11.2-cert1 Asterisk Digiumphones 10.x-digiumphones to 10.12.2-digiumphones Solution: Upgrade to Asterisk Open Source to 1.8.23.1, 10.12.3, 11.5.1 or later, Certified Asterisk to 1.8.15-cert3, 11.2-cert2 or later, Asterisk Digiumphones 10.12.3-digiumphones or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-5642 BugTraq ID: 62022 http://www.securityfocus.com/bid/62022 Bugtraq: 20130827 AST-2013-005: Remote Crash when Invalid SDP is sent in SIP Request (Google Search) http://archives.neohapsis.com/archives/bugtraq/2013-08/0174.html Debian Security Information: DSA-2749 (Google Search) http://www.debian.org/security/2013/dsa-2749 http://www.mandriva.com/security/advisories?name=MDVSA-2013:223 http://osvdb.org/96690 http://www.securitytracker.com/id/1028957 http://secunia.com/advisories/54534 http://secunia.com/advisories/54617
Copyright	Copyright (C) 2013 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.