CVE-2011-1507

EUVD-2011-1508
Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 do not restrict the number of unauthenticated sessions to certain interfaces, which allows remote attackers to cause a denial of service (file descriptor exhaustion and disk space exhaustion) via a series of TCP connections.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
Affected Products (NVD)
VendorProductVersion
digiumasterisk
1.4.0
digiumasterisk
1.4.0:beta1
digiumasterisk
1.4.0:beta2
digiumasterisk
1.4.0:beta3
digiumasterisk
1.4.0:beta4
digiumasterisk
1.4.1
digiumasterisk
1.4.2
digiumasterisk
1.4.3
digiumasterisk
1.4.10
digiumasterisk
1.4.10.1
digiumasterisk
1.4.11
digiumasterisk
1.4.12
digiumasterisk
1.4.12.1
digiumasterisk
1.4.13
digiumasterisk
1.4.14
digiumasterisk
1.4.15
digiumasterisk
1.4.16
digiumasterisk
1.4.16.1
digiumasterisk
1.4.16.2
digiumasterisk
1.4.17
digiumasterisk
1.4.18
digiumasterisk
1.4.19
digiumasterisk
1.4.19:rc1
digiumasterisk
1.4.19:rc2
digiumasterisk
1.4.19:rc3
digiumasterisk
1.4.19:rc4
digiumasterisk
1.4.19.1
digiumasterisk
1.4.19.2
digiumasterisk
1.4.20
digiumasterisk
1.4.20:rc1
digiumasterisk
1.4.20:rc2
digiumasterisk
1.4.20:rc3
digiumasterisk
1.4.20.1
digiumasterisk
1.4.21
digiumasterisk
1.4.21:rc1
digiumasterisk
1.4.21:rc2
digiumasterisk
1.4.21.1
digiumasterisk
1.4.21.2
digiumasterisk
1.4.22
digiumasterisk
1.4.22:rc1
digiumasterisk
1.4.22:rc2
digiumasterisk
1.4.22:rc3
digiumasterisk
1.4.22:rc4
digiumasterisk
1.4.22:rc5
digiumasterisk
1.4.22.1
digiumasterisk
1.4.22.2
digiumasterisk
1.4.23
digiumasterisk
1.4.23:rc1
digiumasterisk
1.4.23:rc2
digiumasterisk
1.4.23:rc3
digiumasterisk
1.4.23:rc4
digiumasterisk
1.4.23.1
digiumasterisk
1.4.23.2
digiumasterisk
1.4.24
digiumasterisk
1.4.24:rc1
digiumasterisk
1.4.24.1
digiumasterisk
1.4.25
digiumasterisk
1.4.25:rc1
digiumasterisk
1.4.25.1
digiumasterisk
1.4.26
digiumasterisk
1.4.26:rc1
digiumasterisk
1.4.26:rc2
digiumasterisk
1.4.26:rc3
digiumasterisk
1.4.26:rc4
digiumasterisk
1.4.26:rc5
digiumasterisk
1.4.26:rc6
digiumasterisk
1.4.26.1
digiumasterisk
1.4.26.2
digiumasterisk
1.4.26.3
digiumasterisk
1.4.27
digiumasterisk
1.4.27:rc1
digiumasterisk
1.4.27:rc2
digiumasterisk
1.4.27:rc3
digiumasterisk
1.4.27:rc4
digiumasterisk
1.4.27:rc5
digiumasterisk
1.4.27.1
digiumasterisk
1.4.28
digiumasterisk
1.4.28:rc1
digiumasterisk
1.4.29
digiumasterisk
1.4.29:rc1
digiumasterisk
1.4.29.1
digiumasterisk
1.4.30
digiumasterisk
1.4.30:rc2
digiumasterisk
1.4.30:rc3
digiumasterisk
1.4.31
digiumasterisk
1.4.31:rc1
digiumasterisk
1.4.31:rc2
digiumasterisk
1.4.32
digiumasterisk
1.4.32:rc1
digiumasterisk
1.4.33
digiumasterisk
1.4.33:rc1
digiumasterisk
1.4.33:rc2
digiumasterisk
1.4.33.1
digiumasterisk
1.4.34
digiumasterisk
1.4.34:rc1
digiumasterisk
1.4.34:rc2
digiumasterisk
1.4.35
digiumasterisk
1.4.35:rc1
digiumasterisk
1.4.36
digiumasterisk
1.4.36:rc1
digiumasterisk
1.4.37
digiumasterisk
1.4.37:rc1
digiumasterisk
1.4.38
digiumasterisk
1.4.38:rc1
digiumasterisk
1.4.39
digiumasterisk
1.4.39:rc1
digiumasterisk
1.4.39.1
digiumasterisk
1.4.39.2
digiumasterisk
1.4.40
digiumasterisk
1.4.40:rc1
digiumasterisk
1.4.40:rc2
digiumasterisk
1.4.40:rc3
digiumasterisk
1.6.2.0
digiumasterisk
1.6.2.0:rc2
digiumasterisk
1.6.2.0:rc3
digiumasterisk
1.6.2.0:rc4
digiumasterisk
1.6.2.0:rc5
digiumasterisk
1.6.2.0:rc6
digiumasterisk
1.6.2.0:rc7
digiumasterisk
1.6.2.0:rc8
digiumasterisk
1.6.2.1
digiumasterisk
1.6.2.1:rc1
digiumasterisk
1.6.2.2
digiumasterisk
1.6.2.3:rc2
digiumasterisk
1.6.2.4
digiumasterisk
1.6.2.5
digiumasterisk
1.6.2.6
digiumasterisk
1.6.2.6:rc1
digiumasterisk
1.6.2.6:rc2
digiumasterisk
1.6.2.15:rc1
digiumasterisk
1.6.2.16
digiumasterisk
1.6.2.16:rc1
digiumasterisk
1.6.2.16.1
digiumasterisk
1.6.2.16.2
digiumasterisk
1.6.2.17
digiumasterisk
1.6.2.17:rc1
digiumasterisk
1.6.2.17:rc2
digiumasterisk
1.6.2.17:rc3
digiumasterisk
1.6.2.17.1
digiumasterisk
1.6.2.17.2
digiumasterisk
1.8.0
digiumasterisk
1.8.0:beta1
digiumasterisk
1.8.0:beta2
digiumasterisk
1.8.0:beta3
digiumasterisk
1.8.0:beta4
digiumasterisk
1.8.0:beta5
digiumasterisk
1.8.0:rc2
digiumasterisk
1.8.0:rc3
digiumasterisk
1.8.0:rc4
digiumasterisk
1.8.0:rc5
digiumasterisk
1.8.1
digiumasterisk
1.8.1:rc1
digiumasterisk
1.8.1.1
digiumasterisk
1.8.1.2
digiumasterisk
1.8.2
digiumasterisk
1.8.2.1
digiumasterisk
1.8.2.2
digiumasterisk
1.8.2.3
digiumasterisk
1.8.2.4
digiumasterisk
1.8.3
digiumasterisk
1.8.3:rc1
digiumasterisk
1.8.3:rc2
digiumasterisk
1.8.3:rc3
digiumasterisk
1.8.3.1
digiumasterisk
1.8.3.2
digiumasterisk
1.6.1.0
digiumasterisk
1.6.1.0:rc2
digiumasterisk
1.6.1.0:rc3
digiumasterisk
1.6.1.0:rc4
digiumasterisk
1.6.1.0:rc5
digiumasterisk
1.6.1.1
digiumasterisk
1.6.1.2
digiumasterisk
1.6.1.3:rc1
digiumasterisk
1.6.1.4
digiumasterisk
1.6.1.5
digiumasterisk
1.6.1.5:rc1
digiumasterisk
1.6.1.6
digiumasterisk
1.6.1.7:rc1
digiumasterisk
1.6.1.7:rc2
digiumasterisk
1.6.1.8
digiumasterisk
1.6.1.9
digiumasterisk
1.6.1.10
digiumasterisk
1.6.1.10:rc1
digiumasterisk
1.6.1.10:rc2
digiumasterisk
1.6.1.10:rc3
digiumasterisk
1.6.1.11
digiumasterisk
1.6.1.12
digiumasterisk
1.6.1.12:rc1
digiumasterisk
1.6.1.13
digiumasterisk
1.6.1.13:rc1
digiumasterisk
1.6.1.14
digiumasterisk
1.6.1.15:rc2
digiumasterisk
1.6.1.16
digiumasterisk
1.6.1.17
digiumasterisk
1.6.1.18
digiumasterisk
1.6.1.18:rc1
digiumasterisk
1.6.1.18:rc2
digiumasterisk
1.6.1.19
digiumasterisk
1.6.1.19:rc1
digiumasterisk
1.6.1.19:rc2
digiumasterisk
1.6.1.19:rc3
digiumasterisk
1.6.1.20
digiumasterisk
1.6.1.20:rc1
digiumasterisk
1.6.1.20:rc2
digiumasterisk
1.6.1.21
digiumasterisk
1.6.1.22
digiumasterisk
1.6.1.23
digiumasterisk
1.6.1.24
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
asterisk
bullseye
1:16.28.0~dfsg-0+deb11u4
fixed
bullseye (security)
1:16.28.0~dfsg-0+deb11u5
fixed
sid
1:22.0.0~dfsg+~cs6.14.60671435-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
asterisk
dapper
ignored
hardy
ignored
karmic
ignored
lucid
Fixed 1:1.6.2.5-0ubuntu1.4
released
maverick
Fixed 1:1.6.2.7-1ubuntu1.2
released
natty
Fixed 1:1.6.2.9-2ubuntu2.1
released
Common Weakness Enumeration
References
http://downloads.digium.com/pub/security/AST-2011-005.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058922.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059702.html
http://secunia.com/advisories/44197
http://secunia.com/advisories/44529
http://securitytracker.com/id?1025432
http://www.debian.org/security/2011/dsa-2225
http://www.vupen.com/english/advisories/2011/1086
http://www.vupen.com/english/advisories/2011/1107
http://www.vupen.com/english/advisories/2011/1188
https://bugzilla.redhat.com/show_bug.cgi?id=698916
http://downloads.digium.com/pub/security/AST-2011-005.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058922.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059702.html
http://secunia.com/advisories/44197
http://secunia.com/advisories/44529
http://securitytracker.com/id?1025432
http://www.debian.org/security/2011/dsa-2225
http://www.vupen.com/english/advisories/2011/1086
http://www.vupen.com/english/advisories/2011/1107
http://www.vupen.com/english/advisories/2011/1188
https://bugzilla.redhat.com/show_bug.cgi?id=698916