Computer Security

Asterisk uninitilized memory reference
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Asterisk uninitilized memory reference
Published:24.10.2011
Source:BUGTRAQ
SecurityVulns ID:11987
Type:remote
Level:6/10
Description:Crash on SIP request processing.
Affected:ASTERISK : Asterisk 1.8
 ASTERISK : Asterisk 10.0
CVE:CVE-2011-4063 (chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request.)
Original documentdocumentASTERISK, AST-2011-012: Remote crash vulnerability in SIP channel driver (24.10.2011)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru