fkie_cve-2012-2948
Vulnerability from fkie_nvd
Published
2012-06-02 15:55
Modified
2024-11-21 01:40
Severity ?
Summary
chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert:*:*:*:*:*:*",
"matchCriteriaId": "4889B1B5-5160-476E-A1C0-BEAE63C85CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert1:*:*:*:*:*:*",
"matchCriteriaId": "62867AEF-D685-4B1F-8AB9-D1CCAC559821",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE48FBD-2560-4477-ABD2-C90729523BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "97F03C40-6B70-41D1-96CF-DD5F2924D0C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "B8F0B6E3-37B8-4780-BB17-D471A7AB7E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "445941A9-EE2C-45C0-BCEB-9EC7F9F9439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7C60A84B-E0BC-491B-B6E6-76E658BB91EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "035B04BC-C132-4CF6-9FE4-561A4104F392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E21DF0C9-16E4-44B0-8749-85F7F245A87A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE6A2723-FAE7-4A87-A2A3-E94D9CC2DCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "37612FE6-C8B7-4925-81F5-ADB82A8F101E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "92181940-ED5C-442C-82BA-4F0F233FB11B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "28EEF1DB-00C6-4DFC-BB48-C4A308F60DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67CE3E94-341F-4D0C-937E-39B119925C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5C721635-2801-40E8-B5FE-734054D718D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15ED9311-9E4E-4998-BD99-CDEB8E4F2C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "815F7045-FC6D-4D57-A7AE-F63B0FC67251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "09918CFC-C6A0-45ED-91EA-A4D9295C6CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A7D38CAA-BECD-4FD7-8E42-72CB2B1DC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F211C14-8E50-4FB7-82EA-FE6975290DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0698EDFB-D156-4572-9008-0243FA6FD2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16350161-9CF1-4AD3-954C-598D249CF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "24EB6F7B-AD3C-42A2-B811-3CF3EEDD8438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "7AC55C54-7AD7-49BE-A050-DC6878391208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B208EBB-0387-4223-A196-CE142E6B908B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "095BF874-0E0B-4F8F-8A11-ED096DD3A824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4067E71D-93A8-4B56-AE4A-FCB6E31577E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "779DEAC5-CBC7-4844-9A2E-97AEB49704EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "913D2C84-B987-4DEE-8F9E-0FDF14BECE2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "63889FD0-714B-4E02-8F34-00E4857A544A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A15B538D-DC9D-46B4-A455-341E8A2831E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8FE32479-5D98-443F-8FA9-F6281726BDF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "78841A3E-7D56-4737-9815-E1144FD0A44A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC295454-D897-425C-BFC8-91A72865A132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3830A3E2-09A1-487E-8EFA-27F8B4C61CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CAC942FB-83A2-4698-B410-F4C6AED0849A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86ED40AD-0A52-4B4C-B4CA-F8D1A4CAF866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07FC62DE-74D3-42A9-94E8-6DCE62F3D2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39E78E52-2AA4-42A5-9CE6-22DF2CF01704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3DF04D4C-DFED-4E71-BA0C-854823BB41CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "518A8882-B1A6-408E-9B39-F01034A50190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2EBBB850-2AE6-4EC1-993F-AD7AF2E80008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1075D5D-5F81-4E26-90B0-60659B8D36B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6880B042-11B1-430F-90A1-70F93FC5BAF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0F074B06-6788-47AB-8C39-BA5E2E39ACC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACB7C4A-7CF7-4D57-B65D-741AFA6393EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "85522E25-E76C-4CCF-AB7C-A74E1703D919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AC3BE912-0B42-416B-A0E2-B17FDF07BAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "4FC9C2FB-A77B-4242-B4A1-92112E1C19B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8D9B19-BD1E-4E1C-A1C3-6C64A6612233",
"versionEndIncluding": "1.8.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DD2B8E-6AB1-45CD-85F5-E0F5234585BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "52BDDAC0-5CEE-4054-8930-EAF25FE528FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1CEB28DD-EAEA-45AF-8D7B-09E93AFABA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "12BCF63F-DA77-48A1-861D-F6E710E3CA16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AD0D03FF-3FF6-40D0-A78E-CBDEA4FE4F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "66666CD2-8921-4641-AD72-21F4386DC731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C549DD5-68F9-44FC-92B9-09A0E6F87315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "51407A8B-AF19-43FA-8D57-A6A35D465D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "911CCAF6-6E29-43B6-AF76-909016CD46ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B46E218-9EFA-4224-BC5D-1A2F38559E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6F1F43E8-6159-46FA-8BF5-360EA9D466BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F75E0A69-9251-4CE1-9E83-188F0D35DEFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "17E6BD3C-B88D-4C80-B77F-2A95767B9A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3AC1C9EC-A84F-401B-BF59-F4938B6A2F59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB76519-FD6D-4D74-8DF7-719822588C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6AB0DE5-0843-4A7A-A1C9-2FD7924FBEDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "335F9C06-5E40-4E14-B018-15151E14414D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9E8F15FB-C6B5-4A4F-A7AD-E2BF0162D1DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9DEA8945-9ACD-4CE7-A5E6-5207E16C663E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B2A7FC21-74FF-48BF-9BA8-A143FCB2BF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C4FCD6B4-ED33-424F-AD30-64227894B0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E7D4883-79E3-4DD1-A555-136A0664E94E",
"versionEndIncluding": "10.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode."
},
{
"lang": "es",
"value": "chan_skinny.c en el controlador de canal de Skinny (alias SCCP) en Certified Asterisk 1.8.11-cert antes de v1.8.11-cert2 y Asterisk Open Source v1.8.x antes de v1.8.12.1 y v10.x antes de v10.4.1, permite a usuarios autenticados remotamente provocar una denegaci\u00f3n de servicio (eliminar la referencia del puntero NULL y ca\u00edda demonio) por el cierre de una conexi\u00f3n en el modo de descuelgue."
}
],
"id": "CVE-2012-2948",
"lastModified": "2024-11-21T01:40:00.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-02T15:55:01.027",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0145.html"
},
{
"source": "cve@mitre.org",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-008.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/49303"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2012/dsa-2493"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/53723"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027103"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0145.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/49303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75937"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.