SecuritySpace - CVE-2012-0885

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2012-0885

Description: chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple.

Test IDs: 1.3.6.1.4.1.25623.1.0.71181 1.3.6.1.4.1.25623.1.0.70751

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2012-0885
http://www.openwall.com/lists/oss-security/2012/01/20/16
http://www.openwall.com/lists/oss-security/2012/01/20/18

CVE ID:	CVE-2012-0885
Description:	chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple.
Test IDs:	1.3.6.1.4.1.25623.1.0.71181 1.3.6.1.4.1.25623.1.0.70751
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0885 http://www.openwall.com/lists/oss-security/2012/01/20/16 http://www.openwall.com/lists/oss-security/2012/01/20/18