Asterisk SCCP Skinny Channel Driver Denial Of Service Vulnerability
BID:53723
Info
Asterisk SCCP Skinny Channel Driver Denial Of Service Vulnerability
| Bugtraq ID: | 53723 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2012-2948 |
| Remote: | Yes |
| Local: | No |
| Published: | May 29 2012 12:00AM |
| Updated: | Jun 22 2012 12:10AM |
| Credit: | Christoph Hebeisen |
| Vulnerable: |
Gentoo Linux Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 Asterisk Certified Asterisk 1.8.11-cert1 Asterisk Asterisk 10.0.1 Asterisk Asterisk 10.0 Asterisk Asterisk 1.8.8 2 Asterisk Asterisk 1.8.4 2 Asterisk Asterisk 1.8.4 1 Asterisk Asterisk 1.8.2 4 Asterisk Asterisk 1.8.1 Asterisk Asterisk 1.8 Asterisk Asterisk 10.3.1 Asterisk Asterisk 10.3.0 Asterisk Asterisk 10.2.1 Asterisk Asterisk 10.2.0 Asterisk Asterisk 1.8.7.2 Asterisk Asterisk 1.8.7.1 Asterisk Asterisk 1.8.4.4 Asterisk Asterisk 1.8.4.3 Asterisk Asterisk 1.8.3.3 Asterisk Asterisk 1.8.3.1 Asterisk Asterisk 1.8.2.1 Asterisk Asterisk 1.8.11.1 Asterisk Asterisk 1.8.11.0 Asterisk Asterisk 1.8.10.1 Asterisk Asterisk 1.8.10.0 Asterisk Asterisk 1.8.1.2 |
| Not Vulnerable: |
Asterisk Certified Asterisk 1.8.11-cert2 Asterisk Asterisk 10.4.1 Asterisk Asterisk 1.8.12.1 |
Discussion
Asterisk SCCP Skinny Channel Driver Denial Of Service Vulnerability
Asterisk is prone to a remote denial-of-service vulnerability.
Attackers can exploit this issue to trigger a NULL-pointer dereference and cause a system crash, denying service to legitimate users.
Asterisk is prone to a remote denial-of-service vulnerability.
Attackers can exploit this issue to trigger a NULL-pointer dereference and cause a system crash, denying service to legitimate users.
Exploit / POC
Asterisk SCCP Skinny Channel Driver Denial Of Service Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Asterisk SCCP Skinny Channel Driver Denial Of Service Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Asterisk SCCP Skinny Channel Driver Denial Of Service Vulnerability
References:
References:
- Asterisk Homepage (Asterisk)
- AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability (Asterisk)