Remote Denial of Service Vulnerability in Asterisk by Digium
CVE-2007-3763

Currently unrated

Key Information:

Vendor
Asterisk
Status
Asterisk
Asterisknow
Asterisk Appliance Developer Kit
Vendor
CVE Published:
18 July 2007

Summary

A flaw in the IAX2 channel driver (chan_iax2) of Asterisk allows remote attackers to cause a denial of service through crafted LAGRQ or LAGRP frames. This vulnerability arises from a NULL pointer dereference due to improper variable handling when processing IAX frame information elements. Users of affected Asterisk versions should take immediate action to mitigate potential disruptions.

References

http://ftp.digium.com/pub/asa/ASA-2007-015.pdf
x_refsource_CONFIRM
http://secunia.com/advisories/26099
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/24950
vdb-entryx_refsource_BID

EPSS Score

24% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2007-3763 : Remote Denial of Service Vulnerability in Asterisk by Digium | SecurityVulnerability.io