CVE-2011-4597

Asterisk 1.4.x < 1.4.43, 1.6.x < 1.6.2.21, 1.8.x < 1.8.7.2 - Username Enumeration via SIP UDP Response Port Variation

Title source: llm
STIX 2.1

Description

The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.8.x before 1.8.7.2 uses different port numbers for responses to invalid requests depending on whether a SIP username exists, which allows remote attackers to enumerate usernames via a series of requests.

References (8)

Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/77597
Mailing List mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/12/09/4
Mailing List mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2011/12/09/3
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/47273
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2011-12/0151.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2367
Various Sources mailing-list x_refsource_mlist
http://lists.digium.com/pipermail/asterisk-dev/2011-November/052191.html

Scores

EPSS 0.0328
EPSS Percentile 87.0%

Details

CWE
CWE-200
Status published
Products (24)
digium/asterisk 1.8.0 (10 CPE variants)
digium/asterisk 1.8.1 (2 CPE variants)
digium/asterisk 1.8.1.1
digium/asterisk 1.8.1.2
digium/asterisk 1.8.2
digium/asterisk 1.8.2.1
digium/asterisk 1.8.2.2
digium/asterisk 1.8.2.3
digium/asterisk 1.8.2.4
digium/asterisk 1.8.3 (4 CPE variants)
... and 14 more
Published Dec 15, 2011
Tracked Since Feb 18, 2026