ID CVE-2007-1561
Summary The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP INVITE message with an SDP containing one valid and one invalid IP address.
References
Vulnerable Configurations
  • cpe:2.3:a:asterisk:asterisk:1.2.14
    cpe:2.3:a:asterisk:asterisk:1.2.14
  • cpe:2.3:a:asterisk:asterisk:1.2.15
    cpe:2.3:a:asterisk:asterisk:1.2.15
  • cpe:2.3:a:asterisk:asterisk:1.2.16
    cpe:2.3:a:asterisk:asterisk:1.2.16
  • cpe:2.3:a:asterisk:asterisk:1.4.1
    cpe:2.3:a:asterisk:asterisk:1.4.1
CVSS
Base: 7.8 (as of 22-03-2007 - 11:34)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
exploit-db via4
description Asterisk <= 1.2.16 / 1.4.1 SIP INVITE Remote Denial of Service Exploit. CVE-2007-1561. Dos exploits for multiple platform
id EDB-ID:3566
last seen 2016-01-31
modified 2007-03-25
published 2007-03-25
reporter MADYNES
source https://www.exploit-db.com/download/3566/
title Asterisk <= 1.2.16 / 1.4.1 SIP INVITE Remote Denial of Service Exploit
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200704-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-200704-01 (Asterisk: Two SIP Denial of Service vulnerabilities) The Madynes research team at INRIA has discovered that Asterisk contains a NULL pointer dereferencing error in the SIP channel when handling INVITE messages. Furthermore qwerty1979 discovered that Asterisk 1.2.x fails to properly handle SIP responses with return code 0. Impact : A remote attacker could cause an Asterisk server listening for SIP messages to crash by sending a specially crafted SIP message or answering with a 0 return code. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 24934
    published 2007-04-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24934
    title GLSA-200704-01 : Asterisk: Two SIP Denial of Service vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_ASTERISK-3543.NASL
    description This update fixes multiple bugs that allowed attackers to remotely crash asterisk or cause an information leak (CVE-2007-1561, CVE-2007-1594, CVE-2007-1595, CVE-2007-2297, CVE-2007-2488).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27157
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27157
    title openSUSE 10 Security Update : asterisk (asterisk-3543)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1358.NASL
    description Several remote vulnerabilities have been discovered in Asterisk, a free software PBX and telephony toolkit. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1306 'Mu Security' discovered that a NULL pointer dereference in the SIP implementation could lead to denial of service. - CVE-2007-1561 Inria Lorraine discovered that a programming error in the SIP implementation could lead to denial of service. - CVE-2007-2294 It was discovered that a NULL pointer dereference in the manager interface could lead to denial of service. - CVE-2007-2297 It was discovered that a programming error in the SIP implementation could lead to denial of service. - CVE-2007-2488 Tim Panton and Birgit Arkestein discovered that a programming error in the IAX2 implementation could lead to information disclosure. - CVE-2007-3762 Russell Bryant discovered that a buffer overflow in the IAX implementation could lead to the execution of arbitrary code. - CVE-2007-3763 Chris Clark and Zane Lackey discovered that several NULL pointer dereferences in the IAX2 implementation could lead to denial of service. - CVE-2007-3764 Will Drewry discovered that a programming error in the Skinny implementation could lead to denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 25938
    published 2007-08-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25938
    title Debian DSA-1358-1 : asterisk - several vulnerabilities
refmap via4
bid 23031
bugtraq 20070321 Two new DoS Vulnerabilities in Asterisk Fixed
confirm
debian DSA-1358
fulldisc 20070319 Asterisk SDP DOS vulnerability
gentoo GLSA-200704-01
mlist [VOIPSEC] 20070319 Asterisk SDP DOS vulnerability
osvdb 34479
sectrack 1017794
secunia
  • 24564
  • 24719
  • 25582
suse SUSE-SA:2007:034
vupen ADV-2007-1039
xf asterisk-sip-invite-dos(33068)
Last major update 17-10-2016 - 23:43
Published 21-03-2007 - 15:19
Last modified 16-10-2018 - 12:39
Back to Top