Denial of Service Vulnerability in Asterisk SIP Channel Driver by Digium
CVE-2007-4455

Currently unrated

Key Information:

Vendor

Asterisk

Status
Asterisk Appliance Developer Kit
Asterisk
Asterisknow
Vendor
CVE Published:
22 August 2007

What is CVE-2007-4455?

The SIP channel driver (chan_sip) in Asterisk is prone to a resource exhaustion vulnerability that can be exploited remotely. Attackers can initiate a SIP dialog that generates an excessive number of history entries, ultimately leading to memory depletion. This creates significant performance issues and can render the affected Asterisk systems unresponsive. To mitigate this vulnerability, users should upgrade to the latest versions of Asterisk, as outlined in the related advisories.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securityreason.com/securityalert/3047
third-party-advisoryx_refsource_SREASON
http://www.vupen.com/english/advisories/2007/2953
vdb-entryx_refsource_VUPEN
http://downloads.digium.com/pub/asa/AST-2007-020.html
x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.