Digium.Asterisk.Skinny.Channel.Null.Pointer.Dereference.DoS
Description
This indicates an attack attempt to exploit a Denial of Service vulnerability in Digium Asterisk.
The vulnerability is due to an input validation error when handling closing of connection while the server is in a certain state. A remote attack may be able to exploit this to cause a denial of service condition on the affected system.
Affected Products
Digium Asterisk Open Source 1.8 prior to 1.8.12.1
Digium Asterisk Open Source 10 prior to 10.4.1
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply patch available from the website.
http://downloads.asterisk.org/pub/security/AST-2012-008.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |