Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.9999991 |
Kategorie: | Denial of Service |
Titel: | Asterisk PBX NULL Pointer Dereference Overflow |
Zusammenfassung: | The host host appears to be running Asterisk PBX which; is prone to a remote buffer overflow. |
Beschreibung: | Summary: The host host appears to be running Asterisk PBX which is prone to a remote buffer overflow. Vulnerability Insight: The application suffers from a null pointer dereference overflow in the SIP service. Vulnerability Impact: When sending a malformed SIP packet with no URI and version in the request an attacker can trigger a Denial of Service and shutdown the application resulting in a loss of availability. Solution: Upgrade to Asterisk PBX release 1.4.1 or 1.2.16. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
Querverweis: |
BugTraq ID: 22838 Common Vulnerability Exposure (CVE) ID: CVE-2007-1306 http://www.securityfocus.com/bid/22838 CERT/CC vulnerability note: VU#228032 http://www.kb.cert.org/vuls/id/228032 Debian Security Information: DSA-1358 (Google Search) http://www.debian.org/security/2007/dsa-1358 http://security.gentoo.org/glsa/glsa-200703-14.xml http://labs.musecurity.com/advisories/MU-200703-01.txt http://www.osvdb.org/33888 http://www.securitytracker.com/id?1017723 http://secunia.com/advisories/24380 http://secunia.com/advisories/24578 http://secunia.com/advisories/25582 SuSE Security Announcement: SUSE-SA:2007:034 (Google Search) http://www.novell.com/linux/security/advisories/2007_34_asterisk.html http://www.vupen.com/english/advisories/2007/0830 XForce ISS Database: asterisk-sip-channeldriver-dos(32830) https://exchange.xforce.ibmcloud.com/vulnerabilities/32830 |
Copyright | Copyright (C) 2008 Ferdy Riphagen |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |