Signature Detail
Short Name |
APP:DIGIUM-IAX2-DOS |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Digium Asterisk IAX2 Call Number Denial Of Service |
Release Date |
2011/07/19 |
Update Number |
1957 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Digium Asterisk IAX2 Call Number Denial Of Service
This signature detects attempts to exploit a known vulnerability against Digium Asterisk IAX2 Call Number. A successful attack can result in a denial-of-service condition.
Extended Description
Asterisk is prone to a remote denial-of-service vulnerability because it fails to properly handle an excessive amount of call numbers. Successful exploits can cause the application to stop accepting connections, resulting in denial-of-service conditions for legitimate users.
Affected Products
- Asterisk 1.2.0 .0-beta1
- Asterisk 1.2.0 .0-beta2
- Asterisk 1.2.10
- Asterisk 1.2.11
- Asterisk 1.2.13
- Asterisk 1.2.14
- Asterisk 1.2.15
- Asterisk 1.2.16
- Asterisk 1.2.17
- Asterisk 1.2.18
- Asterisk 1.2.19
- Asterisk 1.2.21
- Asterisk 1.2.22
- Asterisk 1.2.23
- Asterisk 1.2.24
- Asterisk 1.2.25
- Asterisk 1.2.26
- Asterisk 1.2.27
- Asterisk 1.2.28
- Asterisk 1.2.29
- Asterisk 1.2.30
- Asterisk 1.2.30.3
- Asterisk 1.2.30.4
- Asterisk 1.2.31
- Asterisk 1.2.32
- Asterisk 1.2.33
- Asterisk 1.2.34
- Asterisk 1.2.5
- Asterisk 1.2.6
- Asterisk 1.2.7
- Asterisk 1.2.8
- Asterisk 1.2.9
- Asterisk 1.4.1
- Asterisk 1.4.10
- Asterisk 1.4.11
- Asterisk 1.4.12
- Asterisk 1.4.13
- Asterisk 1.4.14
- Asterisk 1.4.15
- Asterisk 1.4.16
- Asterisk 1.4.17
- Asterisk 1.4.18
- Asterisk 1.4.18.1
- Asterisk 1.4.19
- Asterisk 1.4.19.1
- Asterisk 1.4.19-Rc3
- Asterisk 1.4.2
- Asterisk 1.4.21.2
- Asterisk 1.4.22
- Asterisk 1.4.22.1
- Asterisk 1.4.23
- Asterisk 1.4.23.1
- Asterisk 1.4.23 .2
- Asterisk 1.4.24
- Asterisk 1.4.24.1
- Asterisk 1.4.26
- Asterisk 1.4.26.1
- Asterisk 1.4.3
- Asterisk 1.4.4
- Asterisk 1.4.5
- Asterisk 1.4.6
- Asterisk 1.4.7
- Asterisk 1.4.8
- Asterisk 1.4.9
- Asterisk 1.4 Beta
- Asterisk 1.4 Revision 95946
- Asterisk 1.6
- Asterisk 1.6.0.14
- Asterisk 1.6.0.3
- Asterisk 1.6.0 6
- Asterisk 1.6.0.8
- Asterisk 1.6.0 Beta6
- Asterisk 1.6.1
- Asterisk 1.6.1 0-Rc1
- Asterisk 1.6.1 0-Rc2
- Asterisk 1.6.1.5
- Asterisk Asterisk Business Edition B.1.3.2
- Asterisk Asterisk Business Edition B.1.3.3
- Asterisk Asterisk Business Edition B.2.2.0
- Asterisk Asterisk Business Edition B.2.2.1
- Asterisk Asterisk Business Edition B.2.3.1
- Asterisk Asterisk Business Edition B.2.3.2
- Asterisk Asterisk Business Edition B.2.3.3
- Asterisk Asterisk Business Edition B.2.3.4
- Asterisk Asterisk Business Edition B.2.3.5
- Asterisk Asterisk Business Edition B.2.3.6
- Asterisk Asterisk Business Edition B.2.5
- Asterisk Asterisk Business Edition B.2.5.1
- Asterisk Asterisk Business Edition B.2.5.2
- Asterisk Asterisk Business Edition B.2.5.3
- Asterisk Asterisk Business Edition B.2.5.4
- Asterisk Asterisk Business Edition B.2.5.5
- Asterisk Asterisk Business Edition B.2.5.6
- Asterisk Asterisk Business Edition B.2.5.8
- Asterisk Asterisk Business Edition B.2.5.9
- Asterisk Asterisk Business Edition C.1.0-beta7
- Asterisk Asterisk Business Edition C.1.0-beta8
- Asterisk Asterisk Business Edition C.1.10.3
- Asterisk Asterisk Business Edition C.1.10.4
- Asterisk Asterisk Business Edition C.1.10.5
- Asterisk Asterisk Business Edition C.1.6
- Asterisk Asterisk Business Edition C.1.6.1
- Asterisk Asterisk Business Edition C.1.6.2
- Asterisk Asterisk Business Edition C.1.8.1
- Asterisk Asterisk Business Edition C.2.1.2.1
- Asterisk Asterisk Business Edition C.2.3
- Asterisk Asterisk Business Edition C.2.3 .2
- Asterisk Asterisk Business Edition C.2.3.3
- Asterisk Asterisk Business Edition C.2.4.2
- Asterisk Asterisk Business Edition C.3.1.0
- Asterisk s800i Appliance 1.3.0
- Asterisk s800i Appliance 1.3.0.2
- Gentoo Linux
- Red Hat Fedora 10
- Red Hat Fedora 11
References
- BugTraq: 36275
- CVE: CVE-2009-2346