CVE-2011-2529

Asterisk 1.6.x < 1.6.2.18.1 and 1.8.x < 1.8.4.3 - Memory Corruption via SIP Packet Null Byte Handling

Title source: llm
STIX 2.1

Description

chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x before 1.6.2.18.1 and 1.8.x before 1.8.4.3 does not properly handle '\0' characters in SIP packets, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted packet.

References (11)

Core 11
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/68203
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/73307
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/48431
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/45239
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2276
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062628.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/45048
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1025706
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/45201

Scores

EPSS 0.0428
EPSS Percentile 90.0%

Details

CWE
CWE-119
Status published
Products (27)
digium/asterisk 1.6.0 (14 CPE variants)
digium/asterisk 1.6.0.1
digium/asterisk 1.6.0.2
digium/asterisk 1.6.0.3 (2 CPE variants)
digium/asterisk 1.6.0.4 rc1
digium/asterisk 1.6.0.5
digium/asterisk 1.6.0.6
digium/asterisk 1.6.0.7
digium/asterisk 1.6.0.8
digium/asterisk 1.6.0.9
... and 17 more
Published Jul 06, 2011
Tracked Since Feb 18, 2026