CVE-2012-3863 in Asterisk
摘要 (英语)
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones does not properly handle a provisional response to a SIP reINVITE request, which allows remote authenticated users to cause a denial of service (RTP port exhaustion) via sessions that lack final responses.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
预定
2012-07-06
披露
2012-07-09
状态
已确认
条目
VulDB provides additional information and datapoints for this CVE:
| 标识符 | 漏洞 | CWE | 可利用 | 对策 | CVE |
|---|---|---|---|---|---|
| 61225 | Digium Asterisk 拒绝服务 | 399 | 未定义 | 官方修复 | CVE-2012-3863 |