PT-2011-2922 · Sangoma · Asterisk Open Source
Publicado
2011-03-31
·
Atualizado
2017-08-17
·
CVE-2011-1175
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Asterisk Open Source versions 1.6.1.x through 1.6.1.22
Asterisk Open Source versions 1.6.2.x through 1.6.2.17
Asterisk Open Source versions 1.8.x through 1.8.2
Description
The issue allows remote attackers to cause a denial of service by establishing many short TCP sessions to services that use a certain TLS API, resulting in a NULL pointer dereference and daemon crash.
Recommendations
For Asterisk Open Source versions 1.6.1.x through 1.6.1.22, update to version 1.6.1.23 or later.
For Asterisk Open Source versions 1.6.2.x through 1.6.2.17, update to version 1.6.2.17.1 or later.
For Asterisk Open Source versions 1.8.x through 1.8.2, update to version 1.8.3.1 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Asterisk Open Source