Remote Denial of Service Vulnerability in Certified Asterisk and Open Source Asterisk
CVE-2012-2948

Currently unrated

Key Information:

Vendor: Asterisk
Status: Certified Asterisk
Vendor: CVE Published:; 2 June 2012

What is CVE-2012-2948?

The Skinny channel driver in Certified Asterisk and Asterisk Open Source is vulnerable to a denial of service attack. This occurs when remote authenticated users close a connection while in off-hook mode, leading to a NULL pointer dereference and subsequent daemon crash. It is crucial for users to update their Asterisk installations to mitigate this vulnerability and ensure stable operation of their systems.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/75937

vdb-entryx_refsource_XF

http://www.securitytracker.com/id?1027103

vdb-entryx_refsource_SECTRACK

http://www.debian.org/security/2012/dsa-2493

vendor-advisoryx_refsource_DEBIAN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2012
Vulnerability Reserved
May 29, 2012