CVE-2011-2529
EPSS 3.4%asterisk - multiple issues
發布日:2011/7/6修改日:2026/4/28
描述
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x before 1.6.2.18.1 and 1.8.x before 1.8.4.3 does not properly handle '\0' characters in SIP packets, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted packet.
受影響套件(3)
- Debian/asteriskfrom 0, < 1:1.8.4.3-1
- Debian/asteriskfrom 0, < 1:1.6.2.9-2+squeeze3
- Debian/asteriskfrom 0, < 1:1.6.2.9-2+squeeze3