NVD

Id
23831  
Name
CVE-2015-1558  
Description
Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service (file descriptor consumption) via an SDP offer containing only incompatible codecs.  
Reject
 
CVSS Version
2  
CVSS Score
3.5  
Severity
Low  
CVSS Base Score
3.5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2015-02-09  
Modified Date
2015-02-09  
Seq
2015-1558  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
126609 23831 CVE-2015-1558 http://downloads.asterisk.org/pub/security/AST-2015-001.html  View
126610 23831 CVE-2015-1558 20150128 AST-2015-001: File descriptor leak when incompatible codecs are offered  View
126611 23831 CVE-2015-1558 20150128 AST-2015-001: File descriptor leak when incompatible codecs are offered  View
126612 23831 CVE-2015-1558 1031661  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
6146 JVNDB-2015-001466 Asterisk Open Source におけるサービス運用妨害 (DoS) の脆弱性 Asterisk Open Source は、PJSIP チャネルドライバを使用する際、RTP ポートを適切に再利用しないため、サービス運用妨害 (ファイル記述子の消費) の脆弱性が存在します。 CVE-2015-1558 78783 CVE-2015-1558 23831 3.5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001466.html 2015-01-09 2015-02-17 View