This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
APP:DIGIUM-ASTERISK-OF
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
APP
|
Keywords |
Digium Asterisk HTTP Management Interface Stack Overflow
|
Release Date |
2013/05/29
|
Update Number |
2268
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
APP: Digium Asterisk HTTP Management Interface Stack Overflow
This signature detects possible attempts to exploit a known vulnerability in Digium Asterisk. A successful attack can lead to a Stack overflow and arbitrary remote code execution within the context of the system.
Extended Description
Multiple stack consumption vulnerabilities in Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 11.x before 11.1.2; Certified Asterisk 1.8.11 before 1.8.11-cert10; and Asterisk Digiumphones 10.x-digiumphones before 10.11.1-digiumphones allow remote attackers to cause a denial of service (daemon crash) via TCP data using the (1) SIP, (2) HTTP, or (3) XMPP protocol.
Affected Products
- Digium asterisk 10.0.0
- Digium asterisk 10.0.1
- Digium asterisk 10.1.0
- Digium asterisk 10.10.0
- Digium asterisk 10.10.1
- Digium asterisk 10.1.1
- Digium asterisk 10.11.0
- Digium asterisk 10.1.2
- Digium asterisk 10.1.3
- Digium asterisk 10.2.0
- Digium asterisk 10.2.1
- Digium asterisk 10.3.0
- Digium asterisk 10.3.1
- Digium asterisk 10.4.0
- Digium asterisk 10.4.1
- Digium asterisk 10.4.2
- Digium asterisk 10.5.0
- Digium asterisk 10.5.1
- Digium asterisk 10.5.2
- Digium asterisk 10.6.0
- Digium asterisk 10.6.1
- Digium asterisk 10.7.0
- Digium asterisk 10.7.1
- Digium asterisk 10.8.0
- Digium asterisk 10.9.0
- Digium asterisk 11.0.0
- Digium asterisk 11.0.1
- Digium asterisk 11.0.2
- Digium asterisk 11.1.0
- Digium asterisk 11.1.1
- Digium asterisk 1.8.0
- Digium asterisk 1.8.1
- Digium asterisk 1.8.10.0
- Digium asterisk 1.8.10.1
- Digium asterisk 1.8.1.1
- Digium asterisk 1.8.11.0
- Digium asterisk 1.8.11.1
- Digium asterisk 1.8.12
- Digium asterisk 1.8.1.2
- Digium asterisk 1.8.12.0
- Digium asterisk 1.8.13.0
- Digium asterisk 1.8.13.1
- Digium asterisk 1.8.14.0
- Digium asterisk 1.8.14.1
- Digium asterisk 1.8.15.0
- Digium asterisk 1.8.15.1
- Digium asterisk 1.8.16.0
- Digium asterisk 1.8.17.0
- Digium asterisk 1.8.18.0
- Digium asterisk 1.8.18.1
- Digium asterisk 1.8.19.0
- Digium asterisk 1.8.2
- Digium asterisk 1.8.2.1
- Digium asterisk 1.8.2.2
- Digium asterisk 1.8.2.3
- Digium asterisk 1.8.2.4
- Digium asterisk 1.8.3
- Digium asterisk 1.8.3.1
- Digium asterisk 1.8.3.2
- Digium asterisk 1.8.3.3
- Digium asterisk 1.8.4
- Digium asterisk 1.8.4.1
- Digium asterisk 1.8.4.2
- Digium asterisk 1.8.4.3
- Digium asterisk 1.8.4.4
- Digium asterisk 1.8.5
- Digium asterisk 1.8.5.0
- Digium asterisk 1.8.6.0
- Digium asterisk 1.8.7.0
- Digium asterisk 1.8.7.1
- Digium asterisk 1.8.8.0
- Digium asterisk 1.8.8.1
- Digium asterisk 1.8.8.2
- Digium asterisk 1.8.9.0
- Digium asterisk 1.8.9.1
- Digium asterisk 1.8.9.2
- Digium asterisk 1.8.9.3
- Digium certified_asterisk 1.8.11
References