Asterisk Skinny Channel Driver Heap-Based Buffer Overflow Vulnerability
BID:53210
Info
Asterisk Skinny Channel Driver Heap-Based Buffer Overflow Vulnerability
| Bugtraq ID: | 53210 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2012-2415 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 23 2012 12:00AM |
| Updated: | Apr 13 2015 09:16PM |
| Credit: | Russell Bryant |
| Vulnerable: |
Gentoo Linux Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 Asterisk Asterisk 10.0.1 Asterisk Asterisk 10.0 Asterisk Asterisk 1.8.8 2 Asterisk Asterisk 1.8.4 2 Asterisk Asterisk 1.8.4 1 Asterisk Asterisk 1.8.2 4 Asterisk Asterisk 1.8.1 Asterisk Asterisk 1.8 Asterisk Asterisk 1.6.2 16.2 Asterisk Asterisk 1.6.2 .5 Asterisk Asterisk 1.6.2 Asterisk Asterisk 10.3.0 Asterisk Asterisk 10.2.1 Asterisk Asterisk 10.2.0 Asterisk Asterisk 10.0 Asterisk Asterisk 1.8.7.2 Asterisk Asterisk 1.8.7.1 Asterisk Asterisk 1.8.4.4 Asterisk Asterisk 1.8.4.3 Asterisk Asterisk 1.8.3.3 Asterisk Asterisk 1.8.3.1 Asterisk Asterisk 1.8.2.1 Asterisk Asterisk 1.8.11.0 Asterisk Asterisk 1.8.10.1 Asterisk Asterisk 1.8.10.0 Asterisk Asterisk 1.8.1.2 Asterisk Asterisk 1.8 Asterisk Asterisk 1.6.2.23 Asterisk Asterisk 1.6.2.22 Asterisk Asterisk 1.6.2.21 Asterisk Asterisk 1.6.2.20 Asterisk Asterisk 1.6.2.2 Asterisk Asterisk 1.6.2.18.2 Asterisk Asterisk 1.6.2.18.1 Asterisk Asterisk 1.6.2.17.3 Asterisk Asterisk 1.6.2.17.1 Asterisk Asterisk 1.6.2.16.1 Asterisk Asterisk 1.6.2.15.1 |
| Not Vulnerable: |
Asterisk Asterisk 10.3.1 Asterisk Asterisk 1.8.11.1 Asterisk Asterisk 1.6.2.24 |
Discussion
Asterisk Skinny Channel Driver Heap-Based Buffer Overflow Vulnerability
Asterisk is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application or to crash the application, denying service to legitimate users.
Asterisk is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application or to crash the application, denying service to legitimate users.
Solution / Fix
Asterisk Skinny Channel Driver Heap-Based Buffer Overflow Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.