Denial of Service Vulnerability in Asterisk Skinny Channel Driver
CVE-2007-3764

Currently unrated

Key Information:

Vendor
Asterisk
Status
Asterisk
Asterisknow
Asterisk Appliance Developer Kit
Vendor
CVE Published:
18 July 2007

Summary

The Skinny channel driver (chan_skinny) in various versions of Asterisk is susceptible to a denial of service attack. Attackers can exploit this vulnerability by sending specially crafted packets with an excessively large data length, leading to a crash caused by an overly large memcpy operation. This can disrupt service and affect the availability of the Asterisk applications, highlighting the importance of keeping software up to date to mitigate such threats.

References

http://secunia.com/advisories/26099
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/24950
vdb-entryx_refsource_BID
http://www.securitytracker.com/id?1018407
vdb-entryx_refsource_SECTRACK

EPSS Score

45% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2007-3764 : Denial of Service Vulnerability in Asterisk Skinny Channel Driver | SecurityVulnerability.io