Digium.Asterisk.Management.HTTP.Digest.Auth.Buffer.Overflow

Description

This indicates an attack attempt against a Buffer Overflow vulnerability in Digium Asterisk.
The vulnerability is caused by a bounds checking error in the ast_parse_digest() function, which the Asterisk management interface uses to handle HTTP Digest Authentication headers. A successful attack may allow an attacker to execute arbitrary code on the vulnerable system.

Affected Products

Red Hat Fedora 17
Red Hat Fedora 15
Gentoo Linux
Asterisk Asterisk 10.3.0
Asterisk Asterisk 10.2.0
Asterisk Asterisk 1.8.11.0
Asterisk Asterisk 1.8.10.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply updates or fixes, available from the website:
http://downloads.asterisk.org/pub/security/AST-2012-003.html

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-10-22 16.948 Name:Asterisk.Management.HTTP.Digest.Auth.Buffer.Overflow:Digium.Asterisk.Management.HTTP.Digest.Auth.Buffer.Overflow