CVE-2011-4598

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2011-4598

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2011-4598.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2011-4598

Downstream

DEBIAN-CVE-2011-4598

DSA-2367-1

Published

2011-12-15T03:57:34Z

Modified

2025-04-11T00:51:21Z

Summary

[none]

Details

The handlerequestinfo function in channels/chan_sip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 and 1.8.x before 1.8.7.2, when automon is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted sequence of SIP requests.

References

http://secunia.com/advisories/47273
http://www.debian.org/security/2011/dsa-2367
http://downloads.asterisk.org/pub/security/AST-2011-014.html
http://openwall.com/lists/oss-security/2011/12/09/3
http://openwall.com/lists/oss-security/2011/12/09/4
http://osvdb.org/77598

CVE-2011-4598

Affected packages