The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4.23.1; 1.6.0 before 1.6.0.6; 1.6.1 before 1.6.1.0-rc2; and Asterisk Business Edition C.2.3, with the pedantic option enabled, allows remote authenticated users to cause a denial of service (crash) via a SIP INVITE request without any headers, which triggers a NULL pointer dereference in the (1) sip_uri_headers_cmp and (2) sip_uri_params_cmp functions.
Software | From | Fixed in |
---|---|---|
digium / asterisk | 1.6.0-beta2 | 1.6.0-beta2.x |
digium / asterisk | 1.6.1-beta2 | 1.6.1-beta2.x |
digium / asterisk | 1.6.0-beta4 | 1.6.0-beta4.x |
digium / asterisk | 1.6.0-beta8 | 1.6.0-beta8.x |
digium / asterisk | 1.6.0-beta9 | 1.6.0-beta9.x |
digium / asterisk | c.2.3 | c.2.3.x |
digium / asterisk | 1.6.1-beta4 | 1.6.1-beta4.x |
digium / asterisk | 1.6.0.3-rc1 | 1.6.0.3-rc1.x |
digium / asterisk | 1.6.0 | 1.6.0.x |
digium / asterisk | 1.4.22 | 1.4.22.x |
digium / asterisk | 1.6.0-beta1 | 1.6.0-beta1.x |
digium / asterisk | 1.6.0-beta3 | 1.6.0-beta3.x |
digium / asterisk | 1.6.0.5 | 1.6.0.5.x |
digium / asterisk | 1.6.1-rc1 | 1.6.1-rc1.x |
digium / asterisk | 1.6.0.2 | 1.6.0.2.x |
digium / asterisk | 1.6.0-rc6 | 1.6.0-rc6.x |
digium / asterisk | 1.4.23 | 1.4.23.x |
digium / asterisk | 1.6.0-rc4 | 1.6.0-rc4.x |
digium / asterisk | 1.6.0-rc5 | 1.6.0-rc5.x |
digium / asterisk | 1.6.0-beta7 | 1.6.0-beta7.x |
digium / asterisk | 1.6.0.1 | 1.6.0.1.x |
digium / asterisk | 1.6.1 | 1.6.1.x |
digium / asterisk | 1.6.0.4-rc1 | 1.6.0.4-rc1.x |
digium / asterisk | 1.6.0-beta6 | 1.6.0-beta6.x |
digium / asterisk | 1.6.1-beta3 | 1.6.1-beta3.x |
digium / asterisk | 1.6.0.3 | 1.6.0.3.x |
digium / asterisk | 1.4.23.1 | 1.4.23.1.x |
digium / asterisk | 1.6.0-beta7.1 | 1.6.0-beta7.1.x |
digium / asterisk | 1.6.0-beta5 | 1.6.0-beta5.x |
digium / asterisk | 1.6.1-beta1 | 1.6.1-beta1.x |