Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.100366
Category:Denial of Service
Title:Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
Summary:Asterisk is prone to a remote denial-of-service vulnerability because; it fails to properly handle malformed RTP comfort noise data.
Description:Summary:
Asterisk is prone to a remote denial-of-service vulnerability because
it fails to properly handle malformed RTP comfort noise data.

Vulnerability Impact:
Successful exploits can crash the application, resulting in denial-of-
service conditions for legitimate users.

Solution:
Updates are available. Please see the references for details.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Cross-Ref: BugTraq ID: 37153
Common Vulnerability Exposure (CVE) ID: CVE-2009-4055
http://www.securityfocus.com/bid/37153
Bugtraq: 20091130 AST-2009-010: RTP Remote Crash Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/508147/100/0/threaded
Debian Security Information: DSA-1952 (Google Search)
http://www.debian.org/security/2009/dsa-1952
http://www.redhat.com/archives/fedora-package-announce/2009-December/msg00759.html
http://www.osvdb.org/60569
http://securitytracker.com/id?1023249
http://secunia.com/advisories/37530
http://secunia.com/advisories/37677
http://secunia.com/advisories/37708
http://www.vupen.com/english/advisories/2009/3368
XForce ISS Database: asterisk-rtp-comfortnoise-dos(54471)
https://exchange.xforce.ibmcloud.com/vulnerabilities/54471
CopyrightCopyright (C) 2009 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.