Denial of Service Vulnerability in Asterisk Open Source HTTP Server
CVE-2013-2686

Currently unrated

Key Information:

Vendor

Asterisk

Status
Open Source
Vendor
CVE Published:
1 April 2013

What is CVE-2013-2686?

A vulnerability in the HTTP server of Asterisk Open Source allows remote attackers to conduct stack-consumption attacks through crafted HTTP POST requests. This misconfiguration in handling Content-Length values can lead to server crashes, affecting availability. The issue arises from an inadequate fix for a prior vulnerability (CVE-2012-5976), highlighting the importance of thorough validation in request processing.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://issues.asterisk.org/jira/browse/ASTERISK-20967
x_refsource_CONFIRM
http://telussecuritylabs.com/threats/show/TSL20130327-01
x_refsource_MISC
http://downloads.asterisk.org/pub/security/AST-2013-002.html
x_refsource_CONFIRM

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.