1. CVE-Search
  2. CVE-2007-1594
ID CVE-2007-1594
Summary The handle_response function in chan_sip.c in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP Response code 0 in a SIP packet.
References
Vulnerable Configurations
  • cpe:2.3:a:asterisk:asterisk:0.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:0.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:0.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:0.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:0.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:0.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:0.1.9_1:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:0.1.9_1:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:0.1.11:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:0.1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:0.2:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:0.3:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:0.4:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:0.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:0.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:0.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:0.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:0.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:0.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:0.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.0_beta1:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.0_beta1:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.0_beta2:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.0_beta2:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.13:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.15:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.15:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.16:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.2.17:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.2.17:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:asterisk:asterisk:1.4_beta:*:*:*:*:*:*:*
    cpe:2.3:a:asterisk:asterisk:1.4_beta:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 16-10-2018 - 16:39)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
refmap via4
bid 23093
bugtraq 20070321 Two new DoS Vulnerabilities in Asterisk Fixed
confirm
gentoo GLSA-200704-01
misc
mlist [VOIPSEC] 20070319 Asterisk SDP DOS vulnerability
sectrack 1017809
secunia
  • 24579
  • 24719
  • 25582
suse SUSE-SA:2007:034
vupen ADV-2007-1077
Last major update 16-10-2018 - 16:39
Published 22-03-2007 - 23:19
Last modified 16-10-2018 - 16:39
Back to Top