NVD

Id
54464  
Name
CVE-2007-2297  
Description
The SIP channel driver (chan_sip) in Asterisk before 1.2.18 and 1.4.x before 1.4.3 does not properly parse SIP UDP packets that do not contain a valid response code, which allows remote attackers to cause a denial of service (crash).  
Reject
 
CVSS Version
2  
CVSS Score
7.8  
Severity
High  
CVSS Base Score
7.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:C)  
Pub Date
2017-01-07  
Published
2007-04-26  
Modified Date
2008-09-05  
Seq
2007-2297  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
276289 54464 CVE-2007-2297 http://bugs.digium.com/view.php?id=9313  View
276290 54464 CVE-2007-2297 2644  View
276291 54464 CVE-2007-2297 http://www.asterisk.org/files/ASA-2007-011.pdf  View
276292 54464 CVE-2007-2297 DSA-1358  View
276293 54464 CVE-2007-2297 SUSE-SA:2007:034  View
276294 54464 CVE-2007-2297 20070425 ASA-2007-011: Multiple problems in SIP channel parser handling response codes  View
276295 54464 CVE-2007-2297 24359  View
276296 54464 CVE-2007-2297 1017954  View
276297 54464 CVE-2007-2297 asterisk-sip-response-dos(33892)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
53213 JVNDB-2007-001905 Asterisk のSIP チャネルドライバにおけるサービス運用妨害 (DoS) の脆弱性 Asterisk のSIP チャネルドライバ (chan_sip) は、有効なレスポンスコードを含まない SIP UDP パケットを適切に解析しないため、サービス運用妨害 (クラッシュ) 状態となる脆弱性が存在します。 CVE-2007-2297 25652 CVE-2007-2297 54464 7.8 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001905.html 2007-04-26 2012-06-26 View