PT-2007-5006 · Digium+1 · Asterisknow+3
Publicado
2007-07-18
·
Atualizado
2017-07-29
·
CVE-2007-3765
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Asterisk versions 1.4.x through 1.4.7
AsteriskNOW versions prior to beta7
Appliance Developer Kit versions prior to 0.5.0
s800i versions prior to 1.0.2
Description
The issue allows remote attackers to cause a denial of service, resulting in a crash. This is achieved by sending a crafted STUN packet with a malicious STUN length attribute on an RTP port.
Recommendations
For Asterisk versions 1.4.x through 1.4.7, update to version 1.4.8 or later.
For AsteriskNOW versions prior to beta7, update to beta7 or later.
For Appliance Developer Kit versions prior to 0.5.0, update to version 0.5.0 or later.
For s800i versions prior to 1.0.2, update to version 1.0.2 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Appliance Developer Kit
Asterisk
Asterisknow
S800I