CVE-2012-2948

Related Files

Gentoo Linux Security Advisory 201206-05

Posted Jun 21, 2012

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-5 - Multiple vulnerabilities in Asterisk might allow remote attackers to execute arbitrary code. Versions less than 1.8.12.1 are affected.

tags | advisory, remote, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2012-2414, CVE-2012-2415, CVE-2012-2416, CVE-2012-2947, CVE-2012-2948

SHA-256 | 0549e3a73c1a5f9d04d3fd1dcc33fb9bb2ec602c6d3eb30b5168b211e879ae45

Download | Favorite | View

Debian Security Advisory 2493-1

Posted Jun 12, 2012

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2493-1 - Several vulnerabilities were discovered in Asterisk, a PBX and telephony toolkit.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2012-2947, CVE-2012-2948

SHA-256 | 21e8618cd5d616376fad6c256d487e6681705187c9bfa7fea9986649f72ace9b

Download | Favorite | View

Asterisk Project Security Advisory - AST-2012-008

Posted May 29, 2012

Authored by Matt Jordan | Site asterisk.org

Asterisk Project Security Advisory - A Null-pointer dereference has been identified in the SCCP (Skinny) channel driver of Asterisk. When an SCCP client closes its connection to the server, a pointer in a structure is set to Null. If the client was not in the on-hook state at the time the connection was closed, this pointer is later dereferenced. A remote attacker with a valid SCCP ID can can use this vulnerability by closing a connection to the Asterisk server in certain call states (e.g. "Off hook") to crash the server. Successful exploitation of this vulnerability would result in termination of the server, causing denial of service to legitimate users.

tags | advisory, remote, denial of service

advisories | CVE-2012-2948

SHA-256 | 0ffad12f4ee7638c64029cbf2387da33862ed3926680288d1303b12b6023069e

Download | Favorite | View