CVE-2011-4598

The handle_request_info function in channels/chan_sip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 and 1.8.x before 1.8.7.2, when automon is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted sequence of SIP requests.

Published: Dec 15, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-4598
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
digium / asterisk	1.8.3-rc3	1.8.3-rc3.x
digium / asterisk	1.8.3	1.8.3.x
digium / asterisk	1.8.2.4	1.8.2.4.x
digium / asterisk	1.8.0-beta2	1.8.0-beta2.x
digium / asterisk	1.8.6.0-rc3	1.8.6.0-rc3.x
digium / asterisk	1.8.3-rc1	1.8.3-rc1.x
digium / asterisk	1.8.1	1.8.1.x
digium / asterisk	1.8.1.2	1.8.1.2.x
digium / asterisk	1.8.7.1	1.8.7.1.x
digium / asterisk	1.8.7.0-rc1	1.8.7.0-rc1.x
digium / asterisk	1.8.4.3	1.8.4.3.x
digium / asterisk	1.8.0-beta4	1.8.0-beta4.x
digium / asterisk	1.8.4-rc1	1.8.4-rc1.x
digium / asterisk	1.8.0-rc5	1.8.0-rc5.x
digium / asterisk	1.8.4.4	1.8.4.4.x
digium / asterisk	1.8.7.0	1.8.7.0.x
digium / asterisk	1.8.5.0	1.8.5.0.x
digium / asterisk	1.8.3.1	1.8.3.1.x
digium / asterisk	1.8.0-beta3	1.8.0-beta3.x
digium / asterisk	1.8.0-beta5	1.8.0-beta5.x
digium / asterisk	1.8.4	1.8.4.x
digium / asterisk	1.8.3.2	1.8.3.2.x
digium / asterisk	1.8.0-rc2	1.8.0-rc2.x
digium / asterisk	1.8.7.0-rc2	1.8.7.0-rc2.x
digium / asterisk	1.8.3-rc2	1.8.3-rc2.x
digium / asterisk	1.8.4.2	1.8.4.2.x
digium / asterisk	1.8.6.0-rc2	1.8.6.0-rc2.x
digium / asterisk	1.8.2.3	1.8.2.3.x
digium / asterisk	1.8.3.3	1.8.3.3.x
digium / asterisk	1.8.4-rc2	1.8.4-rc2.x
digium / asterisk	1.8.2.1	1.8.2.1.x
digium / asterisk	1.8.1-rc1	1.8.1-rc1.x
digium / asterisk	1.8.0	1.8.0.x
digium / asterisk	1.8.0-rc3	1.8.0-rc3.x
digium / asterisk	1.8.1.1	1.8.1.1.x
digium / asterisk	1.8.2	1.8.2.x
digium / asterisk	1.8.2.2	1.8.2.2.x
digium / asterisk	1.8.4-rc3	1.8.4-rc3.x
digium / asterisk	1.8.0-beta1	1.8.0-beta1.x
digium / asterisk	1.8.6.0	1.8.6.0.x
digium / asterisk	1.8.0-rc4	1.8.0-rc4.x
digium / asterisk	1.8.5-rc1	1.8.5-rc1.x
digium / asterisk	1.8.5	1.8.5.x
digium / asterisk	1.8.4.1	1.8.4.1.x
digium / asterisk	1.8.6.0-rc1	1.8.6.0-rc1.x
digium / asterisk	1.6.2.16.2	1.6.2.16.2.x
digium / asterisk	1.6.2.0-rc3	1.6.2.0-rc3.x
digium / asterisk	1.6.2.0-rc2	1.6.2.0-rc2.x
digium / asterisk	1.6.2.1	1.6.2.1.x
digium / asterisk	1.6.2.0-rc4	1.6.2.0-rc4.x
digium / asterisk	1.6.2.4	1.6.2.4.x
digium / asterisk	1.6.2.6	1.6.2.6.x
digium / asterisk	1.6.2.0-rc5	1.6.2.0-rc5.x
digium / asterisk	1.6.2.0-rc7	1.6.2.0-rc7.x
digium / asterisk	1.6.2.16-rc1	1.6.2.16-rc1.x
digium / asterisk	1.6.2.17-rc1	1.6.2.17-rc1.x
digium / asterisk	1.6.2.1-rc1	1.6.2.1-rc1.x
digium / asterisk	1.6.2.16	1.6.2.16.x
digium / asterisk	1.6.2.15-rc1	1.6.2.15-rc1.x
digium / asterisk	1.6.2.17	1.6.2.17.x
digium / asterisk	1.6.2.21	1.6.2.21.x
digium / asterisk	1.6.2.20	1.6.2.20.x
digium / asterisk	1.6.2.6-rc1	1.6.2.6-rc1.x
digium / asterisk	1.6.2.17.1	1.6.2.17.1.x
digium / asterisk	1.6.2.2	1.6.2.2.x
digium / asterisk	1.6.2.0-rc8	1.6.2.0-rc8.x
digium / asterisk	1.6.2.3-rc2	1.6.2.3-rc2.x
digium / asterisk	1.6.2.17-rc3	1.6.2.17-rc3.x
digium / asterisk	1.6.2.16.1	1.6.2.16.1.x
digium / asterisk	1.6.2.19-rc1	1.6.2.19-rc1.x
digium / asterisk	1.6.2.0	1.6.2.0.x
digium / asterisk	1.6.2.17-rc2	1.6.2.17-rc2.x
digium / asterisk	1.6.2.18-rc1	1.6.2.18-rc1.x
digium / asterisk	1.6.2.5	1.6.2.5.x
digium / asterisk	1.6.2.17.3	1.6.2.17.3.x
digium / asterisk	1.6.2.19	1.6.2.19.x
digium / asterisk	1.6.2.18	1.6.2.18.x
digium / asterisk	1.6.2.0-rc6	1.6.2.0-rc6.x
digium / asterisk	1.6.2.6-rc2	1.6.2.6-rc2.x
digium / asterisk	1.6.2.17.2	1.6.2.17.2.x

Vulnerability Database

290,206

CVE-2011-4598