// For flags

CVE-2009-2726

 

Severity Score

7.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, 1.6.0.x before 1.6.0.12, and 1.6.1.x before 1.6.1.4; Asterisk Business Edition A.x.x, B.x.x before B.2.5.9, C.2.x before C.2.4.1, and C.3.x before C.3.1; and Asterisk Appliance s800i 1.2.x before 1.3.0.3 does not use a maximum width when invoking sscanf style functions, which allows remote attackers to cause a denial of service (stack memory consumption) via SIP packets containing large sequences of ASCII decimal characters, as demonstrated via vectors related to (1) the CSeq value in a SIP header, (2) large Content-Length value, and (3) SDP.

El driver SIP channel en Asterisk Open Source v1.2.x anterior a v1.2.34, v1.4.x anterior a v1.4.26.1, v1.6.0.x anterior a v1.6.0.12, y v1.6.1.x anterior a v1.6.1.4; Asterisk Business Edition vA.x.x, vB.x.x anterior a vB.2.5.9, vC.2.x anterior a vC.2.4.1, y vC.3.x anterior a vC.3.1; y Asterisk Appliance s800i v1.2.x anterior a v1.3.0.3, no utiliza el ancho máximo cuando se invocan las funciones de estilo sscanf, lo que permite a atacantes remotos producir una denegación de servicio (agotamiento de la pila de memoria) a través de paquetes SIP que contienen secuencias largas de caracteres ASCII decimales, como se demostró a través de vectores relacionados con (1) el valor CSeq en una cabecera SIP, (2) valores Content-Length, y (3) SDP.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2009-08-10 CVE Reserved
  • 2009-08-11 CVE Published
  • 2024-02-16 EPSS Updated
  • 2024-08-07 CVE Updated
  • 2024-08-07 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Digium
Search vendor "Digium"
S800i Firmware
Search vendor "Digium" for product "S800i Firmware"
>= 1.2.0 < 1.3.0.3
Search vendor "Digium" for product "S800i Firmware" and version " >= 1.2.0 < 1.3.0.3"
-
Affected
in Digium
Search vendor "Digium"
S800i
Search vendor "Digium" for product "S800i"
--
Safe
Digium
Search vendor "Digium"
Asterisk
Search vendor "Digium" for product "Asterisk"
< b.2.5.9
Search vendor "Digium" for product "Asterisk" and version " < b.2.5.9"
business
Affected
Digium
Search vendor "Digium"
Asterisk
Search vendor "Digium" for product "Asterisk"
>= c.2.0 <= c.2.4.1
Search vendor "Digium" for product "Asterisk" and version " >= c.2.0 <= c.2.4.1"
business
Affected
Digium
Search vendor "Digium"
Asterisk
Search vendor "Digium" for product "Asterisk"
>= c.3.0 < c.3.1
Search vendor "Digium" for product "Asterisk" and version " >= c.3.0 < c.3.1"
business
Affected
Digium
Search vendor "Digium"
Asterisk
Search vendor "Digium" for product "Asterisk"
>= 1.2.0 < 1.2.34
Search vendor "Digium" for product "Asterisk" and version " >= 1.2.0 < 1.2.34"
-
Affected
Digium
Search vendor "Digium"
Asterisk
Search vendor "Digium" for product "Asterisk"
>= 1.4.0 < 1.4.26.1
Search vendor "Digium" for product "Asterisk" and version " >= 1.4.0 < 1.4.26.1"
-
Affected
Digium
Search vendor "Digium"
Asterisk
Search vendor "Digium" for product "Asterisk"
>= 1.6.0 < 1.6.0.12
Search vendor "Digium" for product "Asterisk" and version " >= 1.6.0 < 1.6.0.12"
-
Affected
Digium
Search vendor "Digium"
Asterisk
Search vendor "Digium" for product "Asterisk"
>= 1.6.1 < 1.6.1.4
Search vendor "Digium" for product "Asterisk" and version " >= 1.6.1 < 1.6.1.4"
-
Affected