Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2535

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-2535
Last Modified 06 Sep 2011 11:17:35
Published 06 Jul 2011 03:55:03
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2535

Summary

chan_iax2.c in the IAX2 channel driver in Asterisk Open Source 1.4.x before 1.4.41.1, 1.6.2.x before 1.6.2.18.1, and 1.8.x before 1.8.4.3, and Asterisk Business Edition C.3 before C.3.7.3, accesses a memory address contained in an option control frame, which allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a crafted frame.

Vulnerable Systems

Application

  • Digium Asterisk 1.4.0

  • Digium Asterisk 1.4.1

  • Digium Asterisk 1.4.10

  • Digium Asterisk 1.4.10.1

  • Digium Asterisk 1.4.11

  • Digium Asterisk 1.4.12

  • Digium Asterisk 1.4.12.1

  • Digium Asterisk 1.4.13

  • Digium Asterisk 1.4.14

  • Digium Asterisk 1.4.15

  • Digium Asterisk 1.4.16

  • Digium Asterisk 1.4.16.1

  • Digium Asterisk 1.4.16.2

  • Digium Asterisk 1.4.17

  • Digium Asterisk 1.4.18

  • Digium Asterisk 1.4.19

  • Digium Asterisk 1.4.19.1

  • Digium Asterisk 1.4.19.2

  • Digium Asterisk 1.4.2

  • Digium Asterisk 1.4.20

  • Digium Asterisk 1.4.20.1

  • Digium Asterisk 1.4.21

  • Digium Asterisk 1.4.21.1

  • Digium Asterisk 1.4.21.2

  • Digium Asterisk 1.4.22

  • Digium Asterisk 1.4.22.1

  • Digium Asterisk 1.4.22.2

  • Digium Asterisk 1.4.23

  • Digium Asterisk 1.4.23.1

  • Digium Asterisk 1.4.23.2

  • Digium Asterisk 1.4.24

  • Digium Asterisk 1.4.24.1

  • Digium Asterisk 1.4.25

  • Digium Asterisk 1.4.25.1

  • Digium Asterisk 1.4.26

  • Digium Asterisk 1.4.26.1

  • Digium Asterisk 1.4.26.2

  • Digium Asterisk 1.4.26.3

  • Digium Asterisk 1.4.27

  • Digium Asterisk 1.4.27.1

  • Digium Asterisk 1.4.28

  • Digium Asterisk 1.4.29

  • Digium Asterisk 1.4.29.1

  • Digium Asterisk 1.4.3

  • Digium Asterisk 1.4.30

  • Digium Asterisk 1.4.31

  • Digium Asterisk 1.4.32

  • Digium Asterisk 1.4.33

  • Digium Asterisk 1.4.33.1

  • Digium Asterisk 1.4.34

  • Digium Asterisk 1.4.35

  • Digium Asterisk 1.4.36

  • Digium Asterisk 1.4.37

  • Digium Asterisk 1.4.38

  • Digium Asterisk 1.4.39

  • Digium Asterisk 1.4.39.1

  • Digium Asterisk 1.4.39.2

  • Digium Asterisk 1.4.4

  • Digium Asterisk 1.4.40

  • Digium Asterisk 1.4.40.1

  • Digium Asterisk 1.4.40.2

  • Digium Asterisk 1.4.41

  • Digium Asterisk 1.4.5

  • Digium Asterisk 1.4.6

  • Digium Asterisk 1.4.7

  • Digium Asterisk 1.4.7.1

  • Digium Asterisk 1.4.8

  • Digium Asterisk 1.4.9

  • Digium Asterisk 1.6.2.0

  • Digium Asterisk 1.6.2.1

  • Digium Asterisk 1.6.2.15

  • Digium Asterisk 1.6.2.16

  • Digium Asterisk 1.6.2.16.1

  • Digium Asterisk 1.6.2.16.2

  • Digium Asterisk 1.6.2.17

  • Digium Asterisk 1.6.2.17.1

  • Digium Asterisk 1.6.2.17.2

  • Digium Asterisk 1.6.2.17.3

  • Digium Asterisk 1.6.2.18

  • Digium Asterisk 1.6.2.2

  • Digium Asterisk 1.6.2.3

  • Digium Asterisk 1.6.2.4

  • Digium Asterisk 1.6.2.5

  • Digium Asterisk 1.6.2.6

  • Digium Asterisk 1.8.0

  • Digium Asterisk 1.8.1

  • Digium Asterisk 1.8.1.1

  • Digium Asterisk 1.8.1.2

  • Digium Asterisk 1.8.2

  • Digium Asterisk 1.8.2.1

  • Digium Asterisk 1.8.2.2

  • Digium Asterisk 1.8.2.3

  • Digium Asterisk 1.8.2.4

  • Digium Asterisk 1.8.3

  • Digium Asterisk 1.8.3.1

  • Digium Asterisk 1.8.3.2

  • Digium Asterisk 1.8.3.3

  • Digium Asterisk 1.8.4

  • Digium Asterisk 1.8.4.1

  • Digium Asterisk 1.8.4.2

  • Digium Asterisk C.3.0

  • Digium Asterisk C.3.1.0

  • Digium Asterisk C.3.1.1

  • Digium Asterisk C.3.2.2

  • Digium Asterisk C.3.2.3

  • Digium Asterisk C.3.3.2

  • Digium Asterisk C.3.6.2

  • Digium Asterisk C.3.6.3

  • Digium Asterisk C.3.6.4


References

CONFIRM - http://downloads.asterisk.org/pub/security/AST-2011-010-1.8.diff

XF - asterisk-iax2channeldriver-dos(68205)

BID - 48431

OSVDB - 73309

DEBIAN - DSA-2276

SECTRACK - 1025708

SECUNIA - 45239

SECUNIA - 45201

SECUNIA - 45048

SECUNIA - 44973

FEDORA - FEDORA-2011-8914

CONFIRM - http://downloads.asterisk.org/pub/security/AST-2011-010.html


Last Updated: 27 May 2016 10:57:02