ID de Prueba:	1.3.6.1.4.1.25623.1.0.802063
Categoría:	Denial of Service
Título:	Asterisk Products Invalid SDP SIP Channel Driver DoS Vulnerability
Resumen:	Asterisk Server is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: Asterisk Server is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Error within the SIP channel driver when handling a crafted SDP in a SIP request. Vulnerability Impact: Successful exploitation could allow remote attackers to cause a denial of service via a crafted SDP in a SIP request. Affected Software/OS: Asterisk Open Source 1.8.x to 1.8.23.0, 10.x to 10.12.2 and 11.x to 11.5.0 Certified Asterisk 1.8.15 to 1.8.15-cert2 and 11.2 to 11.2-cert1 Asterisk Digiumphones 10.x-digiumphones to 10.12.2-digiumphones Solution: Upgrade to Asterisk Open Source to 1.8.23.1, 10.12.3, 11.5.1 or later, Certified Asterisk to 1.8.15-cert3, 11.2-cert2 or later, Asterisk Digiumphones 10.12.3-digiumphones or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-5642 BugTraq ID: 62022 http://www.securityfocus.com/bid/62022 Bugtraq: 20130827 AST-2013-005: Remote Crash when Invalid SDP is sent in SIP Request (Google Search) http://archives.neohapsis.com/archives/bugtraq/2013-08/0174.html Debian Security Information: DSA-2749 (Google Search) http://www.debian.org/security/2013/dsa-2749 http://www.mandriva.com/security/advisories?name=MDVSA-2013:223 http://osvdb.org/96690 http://www.securitytracker.com/id/1028957 http://secunia.com/advisories/54534 http://secunia.com/advisories/54617
Copyright	Copyright (C) 2013 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.