NVD

Id
2451  
Name
CVE-2008-2543  
Description
The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and Asterisk-Addons 1.4.x before 1.4.7 creates a remotely accessible TCP port that is intended solely for localhost communication, and interprets some TCP application-data fields as addresses of memory to free, which allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-03  
Published
2008-06-05  
Modified Date
2011-03-07  
Seq
2008-2543  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
15555 2451 CVE-2008-2543 http://downloads.digium.com/pub/security/AST-2008-009.html  View
15556 2451 CVE-2008-2543 1020202  View
15557 2451 CVE-2008-2543 20080604 AST-2008-009: AST-2008-007 Cryptographic keys generated by OpenSSL on Debian-based systems compromised  View
15558 2451 CVE-2008-2543 20080604 AST-2008-009: (Corrected subject) Remote crash vulnerability in ooh323 channel driver  View
15559 2451 CVE-2008-2543 29567  View
15560 2451 CVE-2008-2543 ADV-2008-1747  View
15561 2451 CVE-2008-2543 asterisk-addons-ooh323-dos(42869)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
47818 JVNDB-2008-003128 Asterisk Addons の ooh323 チャネルドライバにおけるサービス運用妨害 (DoS) の脆弱性 Asterisk Addons および Asterisk-Addons の ooh323 チャネルドライバは、localhost 通信のみ対象にするおよび解放したメモリのアドレスとして一部の TCP アプリケーションのデータフィールドを解釈する遠隔地からアクセス可能な TCP ポートを作成するため、サービス運用妨害 (デーモンクラッシュ) 状態となる脆弱性が存在します。 CVE-2008-2543 32656 CVE-2008-2543 2451 5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003128.html 2008-06-05 2012-06-26 View