Denial of Service Vulnerability in Asterisk Open Source SIP Protocols
CVE-2012-0885

Currently unrated

Key Information:

Vendor

Asterisk

Status
Open Source
Vendor
CVE Published:
25 January 2012

What is CVE-2012-0885?

A vulnerability exists in Asterisk Open Source, specifically in the chan_sip.c file used for SIP communications. When the res_srtp module is engaged and media support is misconfigured, remote attackers can exploit this flaw through specially crafted SDP messages that include crypto attributes for video or text media types. This can lead to a denial of service, causing the daemon to crash due to a NULL pointer dereference.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://downloads.asterisk.org/pub/security/AST-2012-001-1...
x_refsource_CONFIRM
https://issues.asterisk.org/jira/browse/ASTERISK-19202
x_refsource_CONFIRM
http://downloads.asterisk.org/pub/security/AST-2012-001-1...
x_refsource_CONFIRM

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.