Computer Security
[EN] securityvulns.ru no-pyccku


Asterisk uninitilized memory reference
Published:24.10.2011
Source:
SecurityVulns ID:11987
Type:remote
Threat Level:
6/10
Description:Crash on SIP request processing.
Affected:ASTERISK : Asterisk 1.8
 ASTERISK : Asterisk 10.0
CVE:CVE-2011-4063 (chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request.)
Original documentdocumentASTERISK, AST-2011-012: Remote crash vulnerability in SIP channel driver (24.10.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod