Denial of Service Vulnerability in Asterisk by Digium
CVE-2008-5558

Currently unrated

Key Information:

Vendor: Asterisk
Status: Asterisk Business Edition; Open Source
Vendor: CVE Published:; 17 December 2008

What is CVE-2008-5558?

Asterisk versions 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5 are vulnerable to a denial of service caused by unauthorized authentication attempts. Attackers exploiting this flaw can trigger a crash by sending authentication requests for unknown users or by matching hostnames, thereby impacting service availability.

References

http://www.securityfocus.com/bid/32773

vdb-entryx_refsource_BID

http://security.gentoo.org/glsa/glsa-200905-01.xml

vendor-advisoryx_refsource_GENTOO

http://secunia.com/advisories/32956

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Dec 17, 2008
Vulnerability Reserved
Dec 15, 2008