Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-0871

Опубликовано: 11 мар. 2009
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 3.5

Описание

The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4.23.1; 1.6.0 before 1.6.0.6; 1.6.1 before 1.6.1.0-rc2; and Asterisk Business Edition C.2.3, with the pedantic option enabled, allows remote authenticated users to cause a denial of service (crash) via a SIP INVITE request without any headers, which triggers a NULL pointer dereference in the (1) sip_uri_headers_cmp and (2) sip_uri_params_cmp functions.

РелизСтатусПримечание
dapper

not-affected

1:1.2.7.1.dfsg-2ubuntu3.4
devel

not-affected

1:1.4.21.2~dfsg-3ubuntu2
gutsy

ignored

end of life, was needed
hardy

not-affected

1:1.4.17~dfsg-2ubuntu1
intrepid

not-affected

1:1.4.21.2~dfsg-1ubuntu3
jaunty

not-affected

1:1.4.21.2~dfsg-3ubuntu2
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 86%
0.02947
Низкий

3.5 Low

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-0871

redhat
почти 17 лет назад

The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4.23.1; 1.6.0 before 1.6.0.6; 1.6.1 before 1.6.1.0-rc2; and Asterisk Business Edition C.2.3, with the pedantic option enabled, allows remote authenticated users to cause a denial of service (crash) via a SIP INVITE request without any headers, which triggers a NULL pointer dereference in the (1) sip_uri_headers_cmp and (2) sip_uri_params_cmp functions.

nvd логотип

CVE-2009-0871

nvd
почти 17 лет назад

The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4.23.1; 1.6.0 before 1.6.0.6; 1.6.1 before 1.6.1.0-rc2; and Asterisk Business Edition C.2.3, with the pedantic option enabled, allows remote authenticated users to cause a denial of service (crash) via a SIP INVITE request without any headers, which triggers a NULL pointer dereference in the (1) sip_uri_headers_cmp and (2) sip_uri_params_cmp functions.

debian логотип

CVE-2009-0871

debian
почти 17 лет назад

The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4 ...

github логотип

GHSA-v44g-p4wf-wh36

github
больше 3 лет назад

The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4.23.1; 1.6.0 before 1.6.0.6; 1.6.1 before 1.6.1.0-rc2; and Asterisk Business Edition C.2.3, with the pedantic option enabled, allows remote authenticated users to cause a denial of service (crash) via a SIP INVITE request without any headers, which triggers a NULL pointer dereference in the (1) sip_uri_headers_cmp and (2) sip_uri_params_cmp functions.

EPSS

Процентиль: 86%
0.02947
Низкий

3.5 Low

CVSS2