Asterisk PBX SIP DoS updated since 04.03.2007
Published:		22.03.2007
Source:		FULL-DISCLOSURE
SecurityVulns ID:		7344
Type:		remote
Level:		6/10
Description:		Application crash on malcrafted SIP packet.

Affected:		ASTERISK : Asterisk 1.2
		ASTERISK : Asterisk 1.4
CVE:		CVE-2007-1595 (The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk does not properly generate extensions, which allows remote attackers to execute arbitrary extensions and have an unknown impact by specifying an invalid extension in a certain form.)
		CVE-2007-1594 (The handle_response function in chan_sip.c in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP Response code 0 in a SIP packet.)
		CVE-2007-1561 (The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP INVITE message with an SDP containing one valid and one invalid IP address.)
		CVE-2007-1306 (Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote attackers to cause a denial of service (crash) by sending a Session Initiation Protocol (SIP) packet without a URI and SIP-version header, which results in a NULL pointer dereference.)

Original document		Matt Riddell (IT), Two new DoS Vulnerabilities in Asterisk Fixed (22.03.2007)
		Radu State, [Full-disclosure] Asterisk SDP DOS vulnerability (19.03.2007)
		noreply_(at)_musecurity.com, [Full-disclosure] [MU-200703-01] Remote DOS in Asterisk SIP (09.03.2007)
		Anonymous Person, [Full-disclosure] asterisk remote pre-auth denial of service (04.03.2007)

Files:		Exploits Asterisk INVITE SIP message DoS
		Exploits Asterisk SIP DoS vulnerability
Discuss:		Read or add your comments to this news (0 comments)