CVE-2012-5977

Опубликовано: 04 янв. 2013

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 11.x before 11.1.2; Certified Asterisk 1.8.11 before 1.8.11-cert10; and Asterisk Digiumphones 10.x-digiumphones before 10.11.1-digiumphones, when anonymous calls are enabled, allow remote attackers to cause a denial of service (resource consumption) by making anonymous calls from multiple sources and consequently adding many entries to the device state cache.

Ссылки

http://downloads.asterisk.org/pub/security/AST-2012-015
Vendor Advisory
http://www.debian.org/security/2013/dsa-2605
https://issues.asterisk.org/jira/browse/ASTERISK-20175
Vendor Advisory
http://downloads.asterisk.org/pub/security/AST-2012-015
Vendor Advisory
http://www.debian.org/security/2013/dsa-2605
https://issues.asterisk.org/jira/browse/ASTERISK-20175
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*

Версия до 1.8.19.0 (включая)

cpe:2.3:a:digium:asterisk:1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.0:beta1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.0:beta2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.0:beta3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.0:beta4:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.0:beta5:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.0:rc4:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.0:rc5:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.1:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.1.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.1.2:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.2:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.2.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.2.2:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.2.3:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.2.4:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.3:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.3:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.3:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.3:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.3.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.3.2:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.3.3:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.4:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.4:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.4:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.4:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.4.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.4.2:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.4.3:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.4.4:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.5:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.5:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.5.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.6.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.6.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.6.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.6.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.7.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.7.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.7.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.7.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.8.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.8.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.8.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.8.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.8.0:rc4:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.8.0:rc5:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.8.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.8.2:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.9.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.9.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.9.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.9.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.9.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.9.2:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.9.3:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.10.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.10.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.10.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.10.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.10.0:rc4:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.10.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.11.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.11.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.11.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.11.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.12:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.12.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.12.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.12.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.12.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.13.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.13.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.13.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.13.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.14.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.14.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.14.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.15.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.15.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.15.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.16.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.16.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.16.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.17.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.17.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.17.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.17.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.18.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.18.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.18.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.19.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:1.8.19.0:rc3:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:digium:asterisk:10.0.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.0.0:beta1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.0.0:beta2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.0.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.0.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.0.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.0.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.1.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.1.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.1.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.1.2:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.1.3:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.2.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.2.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.2.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.2.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.2.0:rc4:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.2.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.3.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.3.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.3.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.3.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.4.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.4.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.4.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.4.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.4.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.4.2:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.5.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.5.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.5.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.5.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.5.2:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.6.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.6.0:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.6.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.6.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.6.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.6.1:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.7.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.7.0:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.7.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.7.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.8.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.8.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.8.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.9.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.9.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.9.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.9.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.10.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.10.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.10.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.10.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.11.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.11.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.11.0:rc3:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:digium:asterisk:11.0.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:11.0.0:beta1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:11.0.0:beta2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:11.0.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:11.0.0:rc2:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:11.0.1:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:11.0.2:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:11.1.0:*:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:11.1.0:rc1:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:11.1.0:rc3:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:11.1.1:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:a:digium:certified_asterisk:1.8.11:cert:*:*:*:*:*:*

cpe:2.3:a:digium:certified_asterisk:1.8.11:cert1:*:*:*:*:*:*

cpe:2.3:a:digium:certified_asterisk:1.8.11:cert2:*:*:*:*:*:*

cpe:2.3:a:digium:certified_asterisk:1.8.11:cert3:*:*:*:*:*:*

cpe:2.3:a:digium:certified_asterisk:1.8.11:cert4:*:*:*:*:*:*

cpe:2.3:a:digium:certified_asterisk:1.8.11:cert5:*:*:*:*:*:*

cpe:2.3:a:digium:certified_asterisk:1.8.11:cert6:*:*:*:*:*:*

cpe:2.3:a:digium:certified_asterisk:1.8.11:cert7:*:*:*:*:*:*

cpe:2.3:a:digium:certified_asterisk:1.8.11:cert8:*:*:*:*:*:*

cpe:2.3:a:digium:certified_asterisk:1.8.11:cert9:*:*:*:*:*:*

Конфигурация 5

Одно из

cpe:2.3:a:digium:asterisk:10.0.0:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.0.0:beta1:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.0.0:beta2:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.0.0:rc1:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.0.0:rc2:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.0.0:rc3:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.1.0:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.1.0:rc1:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.1.0:rc2:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.1.1:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.2.0:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.2.0:rc1:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.2.0:rc2:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.2.0:rc3:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.2.0:rc4:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.3.0:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.3.0:rc2:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.3.0:rc3:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.4.0:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.4.0:rc1:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.4.0:rc2:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.5.0:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.5.0:rc1:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.5.0:rc2:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.5.1:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.5.2:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.6.0:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.6.1:*:digiumphones:*:*:*:*:*

cpe:2.3:a:digium:asterisk:10.7.0:*:digiumphones:*:*:*:*:*

EPSS

Процентиль: 78%

0.01103

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2012-5977

ubuntu

около 13 лет назад

CVE-2012-5977

debian

около 13 лет назад

Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 1 ...

GHSA-43h5-hjxq-m9rj

github

больше 3 лет назад

EPSS

Процентиль: 78%

0.01103

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-119