Asterisk Remote Crash Vulnerability in Skinny Channel Driver (AST-2012-009)

Medium Nessus Network Monitor Plugin ID 6510

Synopsis

The remote VoIP server is vulnerable to a denial of service attack.

Description

According to its SIP banner, the version of Asterisk running on the remote host is potentially affected by a vulnerability that could allow a remote attacker to crash the server. The issue may be exploited when an attacker with a valid SCCP (Skinny) ID closes a connection while in certain call states. A null pointer is left behind and can cause the server to crash when the pointer is later dereferenced.

Solution

Upgrade to Asterisk 10.5.1 or apply the patches listed in the Asterisk advisory.

See Also

http://downloads.asterisk.org/pub/security/AST-2012-009.html

http://www.securityfocus.com/bid/54017/info

Plugin Details

Severity: Medium

ID: 6510

File Name: 6510.prm

Family: Generic

Published: 2011/07/06

Modified: 2017/01/31

Dependencies: 3768

Nessus ID: 59714

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 4

Temporal Score: 3.3

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 4.3

Temporal Score: 4

Vector: CVSS3#AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 2011/06/14

Vulnerability Publication Date: 2011/05/30

Reference Information

CVE: CVE-2012-3553

BID: 54017

OSVDB: 83040