fkie_cve-2010-0441
Vulnerability from fkie_nvd
Published
2010-02-04 20:15
Modified
2024-11-21 01:12
Severity ?
Summary
Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service (daemon crash) via an SIP T.38 negotiation with an SDP FaxMaxDatagram field that is (1) missing, (2) modified to contain a negative number, or (3) modified to contain a large number.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1EFFF2-1982-47F8-AD13-F092EEAA6CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F6B7EB6-7C40-4F9A-8740-C3047260F585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E5A2517-8ACA-43B9-B40F-2178E1E6FB2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CA5945-22BD-4C0B-B572-E8A4F97B0072",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "610ACBCE-07B7-4A6F-9D3F-F4BA787DC873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EC87EDE8-E27F-4423-A816-C68FD6E43217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F465A7B8-599B-4DD6-91C3-AC532FC58C07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "683AE289-8941-4CB5-8F5D-AB004E2368E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "945F6B76-2970-4846-8480-1BB5CC6AAED9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "43A01317-A0CB-4469-AB2A-810AD3F0ACF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C346B14C-D023-4080-B283-0AFB7AE2707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "88C2A2C9-18CD-4B6E-A9ED-30E26E44421D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D797FD-9180-427B-B1D3-2137AA2A019A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "5135FC8A-84CD-4020-A296-907725D2A7B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.16-rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "80497A77-FC5D-4F01-9809-9E4C08D7CD7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.16-rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA1B6A5-5E17-414B-B83D-08A5012A57F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "57645851-EC85-44AE-BC8A-A1640D5012B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "653E068C-4F8F-43EB-849A-A9FCD16000F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.18-rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "F167788D-4366-4606-8F6C-2DD0AE345288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.18-rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2D5A01-DDEA-40EB-ADAA-A92073746E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.18-rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "08A4B790-EDC4-40B9-AFC3-C647E49A2E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "58ACA45B-F10E-4D45-91C5-2C46BE11772E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9676FE-3750-453E-9804-973072E04BB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.20-rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "05F8B5EE-3664-4F43-B6FD-92856067266F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "97AB2998-5654-4D74-95D3-C26B04C77FE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.0.21-rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "93F366A3-F3C6-4B66-B987-DDB1E2AFA6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94C2F7A6-388A-4C17-ABC3-8AA78EB9E21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0CCE62F1-803B-43AF-B367-26CEE18F22C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A90DF9-FFC8-4724-85E2-1873C1945E1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6BE3AE1B-E9A1-4318-AE88-EA47643A9845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "53397CB5-77A4-423B-8094-DD9AAF14937A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D3BDAEC9-5A52-4C8A-A746-659779EEC71B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.7-rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "13B84311-DF6D-44F7-9A14-4B754EE293B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.7-rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "EAA69EC7-9F9E-4BD3-ABFF-9D6E9B38FC8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "682C07DA-7537-4F68-9DF8-2E4615016B2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "49FD6C99-63D8-4B05-A2F1-8A30E96DFFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E546955D-5107-4F4A-884C-1A0A1C26DCC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.10-rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "384FD027-C085-4FDC-89B0-45496A876FFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.10-rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "A70428E6-3220-4983-86AD-EEAB32AE3049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.10-rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "90378BB8-7817-4192-93BA-53BD12A44E80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "72A748AF-36B1-47DC-9132-DD44D5014E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "99D4CF13-83F5-40CE-BF8A-C37582F72108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.12-rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "26EA652F-F045-4872-A916-6145C7A6AC94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "4CDC89DD-96B1-458B-B8D6-958D8D42EF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.1.13-rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA85B103-1763-4BE8-A8F2-D1AA1A79437B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52F43F8F-BD5D-45EF-94D4-1405F2ACB31E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.2.1-rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC00ABF5-D79B-41CA-9451-5C5FB215BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.10-rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9455CE-C01B-4C25-B8FB-B6BF46E6162D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:1.6.10-rc2:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A8B75E-9299-40B6-925A-E0B11B358025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.3.1.0:*:business:*:*:*:*:*",
"matchCriteriaId": "E6B4EC4D-957C-4A93-B65C-10114845A226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.3.1.1:*:business:*:*:*:*:*",
"matchCriteriaId": "119C7D71-C02A-494D-8567-3BFC8BB84494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.3.2.2:*:business:*:*:*:*:*",
"matchCriteriaId": "0FF85A31-73C4-45E7-B42A-E653F6420F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.3.3.3:*:business:*:*:*:*:*",
"matchCriteriaId": "13B34567-05CD-4111-B28B-1AAA3B454635",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service (daemon crash) via an SIP T.38 negotiation with an SDP FaxMaxDatagram field that is (1) missing, (2) modified to contain a negative number, or (3) modified to contain a large number."
},
{
"lang": "es",
"value": "Asterisk Open Source v1.6.0.x anterior v1.6.0.22, v1.6.1.x anterior v1.6.1.14, y v1.6.2.x anterior v1.6.2.2, y Business Edition vC.3 anterior vC.3.3.2, permite a atacantes remotos causar una denegaci\u00f3n de demonio (ca\u00edda de demonio) a trav\u00e9s de una negociaci\u00f3n SIP T.38 con un campo SDP FaxMaxDatagram que (1) perdido, (2) modificado para contener un n\u00famero negativo o (3) modificado para contener un n\u00famero largo."
}
],
"id": "CVE-2010-0441",
"lastModified": "2024-11-21T01:12:13.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-04T20:15:24.030",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.0.diff"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.1.diff"
},
{
"source": "cve@mitre.org",
"url": "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.2.diff"
},
{
"source": "cve@mitre.org",
"url": "http://downloads.asterisk.org/pub/security/AST-2010-001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037679.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38395"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/39096"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1023532"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/509327/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/38047"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0289"
},
{
"source": "cve@mitre.org",
"url": "https://issues.asterisk.org/view.php?id=16517"
},
{
"source": "cve@mitre.org",
"url": "https://issues.asterisk.org/view.php?id=16634"
},
{
"source": "cve@mitre.org",
"url": "https://issues.asterisk.org/view.php?id=16724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.0.diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.1.diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.2.diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.asterisk.org/pub/security/AST-2010-001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037679.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/509327/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.asterisk.org/view.php?id=16517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.asterisk.org/view.php?id=16634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.asterisk.org/view.php?id=16724"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.