CVE-2008-0095
08.01.2008, 02:46
The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference.Enginsight
Vendor | Product | Version |
---|---|---|
asterisk | asterisk_appliance_developer_kit | 𝑥 ≤ 1.4_revision_95945 |
asterisk | open_source | 𝑥 ≤ 1.4.16 |
asterisk | s800i | 𝑥 ≤ 1.0.3.3 |
𝑥
= Vulnerable software versions

Debian Releases

Ubuntu Releases
Common Weakness Enumeration
References