CVE-2009-2726
Public Exploits: 1
Exploited in Wild: -
Description
The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, 1.6.0.x before 1.6.0.12, and 1.6.1.x before 1.6.1.4; Asterisk Business Edition A.x.x, B.x.x before B.2.5.9, C.2.x before C.2.4.1, and C.3.x before C.3.1; and Asterisk Appliance s800i 1.2.x before 1.3.0.3 does not use a maximum width when invoking sscanf style functions, which allows remote attackers to cause a denial of service (stack memory consumption) via SIP packets containing large sequences of ASCII decimal characters, as demonstrated via vectors related to (1) the CSeq value in a SIP header, (2) large Content-Length value, and (3) SDP.
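The defensive pattern the fixed versions rely on, shown here as an added example that is not Asterisk's own code: a `CSeq` header parser in which every `sscanf` conversion carries a maximum width, and a digit run longer than that width is rejected before `sscanf` ever sees it. The function names `parse_cseq` and `cseq_with_digit_run` and the bounds `MAX_DIGITS` and `MAX_METHOD` are assumptions of this example; the same width discipline applies to the Content-Length and SDP conversions the description lists.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bounds chosen for this example, not taken from the advisory. */
#define MAX_DIGITS 10   /* digit run accepted for a numeric field */
#define MAX_METHOD 15   /* length accepted for the SIP method token */

/* Parse a "CSeq: <number> <METHOD>" line. Returns the number, or -1 if
 * rejected; copies the method into `method` when non-NULL. The unsafe
 * form the CVE describes is sscanf(p, "%u %s", ...): with no width, a run
 * of thousands of ASCII digits is buffered whole before conversion. */
long long parse_cseq(const char *line, char *method, size_t method_len)
{
    char digits[MAX_DIGITS + 1], meth[MAX_METHOD + 1];
    const char *p;
    int consumed = 0;
    if (strncmp(line, "CSeq:", 5) != 0)
        return -1;
    p = line + 5 + strspn(line + 5, " \t");
    /* A width only truncates: reject an over-long run up front so the
       excess digits cannot be mistaken for the method token. */
    if (strspn(p, "0123456789") > MAX_DIGITS)
        return -1;
    if (sscanf(p, "%10[0-9] %15s%n", digits, meth, &consumed) != 2)
        return -1;
    if (p[consumed] != '\0' && p[consumed] != '\r' && p[consumed] != '\n')
        return -1;                      /* only end-of-line may follow */
    if (method != NULL) {
        if (strlen(meth) >= method_len)
            return -1;
        strcpy(method, meth);
    }
    return (long long)strtoull(digits, NULL, 10);
}

/* Constructed probe: a CSeq line whose number is a run of ndigits '7's. */
long long cseq_with_digit_run(size_t ndigits)
{
    char *line = malloc(ndigits + 16);
    long long result;
    if (line == NULL)
        return -1;
    memcpy(line, "CSeq: ", 6);
    memset(line + 6, '7', ndigits);
    strcpy(line + 6 + ndigits, " INVITE");
    result = parse_cseq(line, NULL, 0);
    free(line);
    return result;
}
```

A run of ten digits parses; eleven or a hundred thousand are rejected by the length check without the unbounded buffering the description refers to.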
CVSS Scores
SSVC
- Decision: -
Timeline
- 2009-08-10 CVE Reserved
- 2009-08-11 CVE Published
- 2024-02-16 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
References (7)
URL | Tag | Date |
---|---|---|
http://downloads.digium.com/pub/security/AST-2009-005.html | Product | |
http://labs.mudynamics.com/advisories/MU-200908-01.txt | Broken Link | |
http://www.securityfocus.com/archive/1/505669/100/0/threaded | Broken Link | |
http://www.securitytracker.com/id?1022705 | Broken Link | |
http://www.securityfocus.com/bid/36015 | | 2024-08-07 |
http://secunia.com/advisories/36227 | | 2024-02-15 |
http://www.vupen.com/english/advisories/2009/2229 | | 2024-02-15 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Digium | S800i Firmware | >= 1.2.0 < 1.3.0.3 | - | Affected |
Digium | S800i | - | - | Safe (platform the firmware above runs in) |
Digium | Asterisk | < b.2.5.9 | business | Affected |
Digium | Asterisk | >= c.2.0 <= c.2.4.1 | business | Affected |
Digium | Asterisk | >= c.3.0 < c.3.1 | business | Affected |
Digium | Asterisk | >= 1.2.0 < 1.2.34 | - | Affected |
Digium | Asterisk | >= 1.4.0 < 1.4.26.1 | - | Affected |
Digium | Asterisk | >= 1.6.0 < 1.6.0.12 | - | Affected |
Digium | Asterisk | >= 1.6.1 < 1.6.1.4 | - | Affected |