CVE-2014-2289
Gentoo Linux Security Advisory 201405-05
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1.0 allows remote authenticated users to cause a denial of service (crash) via a SUBSCRIBE request without any Accept headers, which triggers an invalid pointer dereference.
res/res_pjsip_exten_state.c en el controlador de canal PJSIP en Asterisk Open Source 12.x anterior a 12.1.0 permite a usuarios remotos autenticados causar una denegaci´´on de servicio (caída) a través de una solicitud SUBSCRIBE sin cabeceras Accept, lo que provoca una referencia de puntero invalida.
A remotely exploitable crash vulnerability exists in the PJSIP channel driver's handling of SUBSCRIBE requests. If a SUBSCRIBE request is received for the presence Event, and that request has no Accept headers, Asterisk will attempt to access an invalid pointer to the header location. Note that this issue was fixed during a re-architecture of the res_pjsip_pubsub module in Asterisk 12.1.0. As such, this issue has already been resolved in a released version of Asterisk. This notification is being released for users of Asterisk 12.0.0.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-03-05 CVE Reserved
- 2014-03-11 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
https://issues.asterisk.org/jira/browse/ASTERISK-23139 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://downloads.asterisk.org/pub/security/AST-2014-004-12.diff | 2014-04-21 | |
http://downloads.asterisk.org/pub/security/AST-2014-004.html | 2014-04-21 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Digium Search vendor "Digium" | Asterisk Search vendor "Digium" for product "Asterisk" | 12.0.0 Search vendor "Digium" for product "Asterisk" and version "12.0.0" | - |
Affected
| ||||||
Digium Search vendor "Digium" | Asterisk Search vendor "Digium" for product "Asterisk" | 12.1.0 Search vendor "Digium" for product "Asterisk" and version "12.1.0" | rc1 |
Affected
| ||||||
Digium Search vendor "Digium" | Asterisk Search vendor "Digium" for product "Asterisk" | 12.1.0 Search vendor "Digium" for product "Asterisk" and version "12.1.0" | rc2 |
Affected
| ||||||
Digium Search vendor "Digium" | Asterisk Search vendor "Digium" for product "Asterisk" | 12.1.0 Search vendor "Digium" for product "Asterisk" and version "12.1.0" | rc3 |
Affected
|