CVE-2012-0885

Name of the Vulnerable Software and Affected Versions Asterisk Open Source versions 1.8.x through 1.8.8.1 Asterisk Open Source versions 10.x through 10.0.0

Description The issue allows remote attackers to cause a denial of service, resulting in a daemon crash, by sending a crafted SDP message with a crypto attribute and a video or text media type. This can be exploited when the res srtp module is used and media support is improperly configured.

Recommendations For Asterisk Open Source versions 1.8.x through 1.8.8.1, update to version 1.8.8.2 or later. For Asterisk Open Source versions 10.x through 10.0.0, update to version 10.0.1 or later.