exploit the possibilities
Showing 1 - 3 of 3 RSS Feed

CVE-2013-5641

Status Candidate

Overview

The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1.8.17.x through 1.8.22.x, 1.8.23.x before 1.8.23.1, and 11.x before 11.5.1 and Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and daemon crash) via an ACK with SDP to a previously terminated channel. NOTE: some of these details are obtained from third party information.

Related Files

Gentoo Linux Security Advisory 201401-15
Posted Jan 21, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-15 - Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. Versions less than 11.7.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-5976, CVE-2012-5977, CVE-2013-2264, CVE-2013-2685, CVE-2013-2686, CVE-2013-5641, CVE-2013-5642, CVE-2013-7100
MD5 | c2ad750f56dc57b1f9f52346c4cb4889
Debian Security Advisory 2749-1
Posted Sep 2, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2749-1 - Colin Cuthbertson and Walter Doekes discovered two vulnerabilities in the SIP processing code of Asterisk - an open source PBX and telephony toolkit -, which could result in denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2013-5641, CVE-2013-5642
MD5 | dc7b7e7964ef558ad0d4ef145abeab4f
Mandriva Linux Security Advisory 2013-223
Posted Aug 30, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-223 - A remotely exploitable crash vulnerability exists in the SIP channel driver if an ACK with SDP is received after the channel has been terminated. The handling code incorrectly assumes that the channel will always be present. A remotely exploitable crash vulnerability exists in the SIP channel driver if an invalid SDP is sent in a SIP request that defines media descriptions before connection information. The handling code incorrectly attempts to reference the socket address information even though that information has not yet been set.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-5641, CVE-2013-5642
MD5 | 10d1ba6020fbf722f75b381de709e3a5
Page 1 of 1
Back1Next

File Archive:

June 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    35 Files
  • 2
    Jun 2nd
    14 Files
  • 3
    Jun 3rd
    40 Files
  • 4
    Jun 4th
    22 Files
  • 5
    Jun 5th
    1 Files
  • 6
    Jun 6th
    1 Files
  • 7
    Jun 7th
    19 Files
  • 8
    Jun 8th
    14 Files
  • 9
    Jun 9th
    39 Files
  • 10
    Jun 10th
    20 Files
  • 11
    Jun 11th
    22 Files
  • 12
    Jun 12th
    2 Files
  • 13
    Jun 13th
    1 Files
  • 14
    Jun 14th
    32 Files
  • 15
    Jun 15th
    34 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close