CVE-2012-2416

chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE message that triggers a connected-line update attempt without an associated channel.

Published: Apr 30, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-2416
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
asterisk / open_source	1.6.2.0-rc4	1.6.2.0-rc4.x
asterisk / open_source	1.6.2.15.1	1.6.2.15.1.x
asterisk / open_source	1.6.2.10-rc1	1.6.2.10-rc1.x
asterisk / open_source	1.6.2.9-rc3	1.6.2.9-rc3.x
asterisk / open_source	1.6.2.17-rc1	1.6.2.17-rc1.x
asterisk / open_source	1.6.2.1	1.6.2.1.x
asterisk / open_source	1.6.2.2	1.6.2.2.x
asterisk / open_source	1.6.2.14	1.6.2.14.x
asterisk / open_source	1.6.2.17-rc3	1.6.2.17-rc3.x
asterisk / open_source	1.6.2.22	1.6.2.22.x
asterisk / open_source	1.6.2.8	1.6.2.8.x
asterisk / open_source	1.6.2.13	1.6.2.13.x
asterisk / open_source	1.6.2.15-rc1	1.6.2.15-rc1.x
asterisk / open_source	1.6.2.7-rc2	1.6.2.7-rc2.x
asterisk / open_source	1.6.2.9	1.6.2.9.x
asterisk / open_source	1.6.2.16-rc1	1.6.2.16-rc1.x
asterisk / open_source	1.6.2.7-rc1	1.6.2.7-rc1.x
asterisk / open_source	1.6.2.17.1	1.6.2.17.1.x
asterisk / open_source	1.6.2.0-rc8	1.6.2.0-rc8.x
asterisk / open_source	1.6.2.19-rc1	1.6.2.19-rc1.x
asterisk / open_source	1.6.2.15	1.6.2.15.x
asterisk / open_source	1.6.2.1-rc1	1.6.2.1-rc1.x
asterisk / open_source	1.6.2.6	1.6.2.6.x
asterisk / open_source	1.6.2.0-rc2	1.6.2.0-rc2.x
asterisk / open_source	1.6.2.6-rc2	1.6.2.6-rc2.x
asterisk / open_source	1.6.2.18.2	1.6.2.18.2.x
asterisk / open_source	1.6.2.7	1.6.2.7.x
asterisk / open_source	1.6.2.4	1.6.2.4.x
asterisk / open_source	1.6.2.19	1.6.2.19.x
asterisk / open_source	1.6.2.3-rc2	1.6.2.3-rc2.x
asterisk / open_source	1.6.2.16	1.6.2.16.x
asterisk / open_source	1.6.2.23	1.6.2.23.x
asterisk / open_source	1.6.2.14-rc1	1.6.2.14-rc1.x
asterisk / open_source	1.6.2.11-rc1	1.6.2.11-rc1.x
asterisk / open_source	1.6.2.18	1.6.2.18.x
asterisk / open_source	1.6.2.16.2	1.6.2.16.2.x
asterisk / open_source	1.6.2.18-rc1	1.6.2.18-rc1.x
asterisk / open_source	1.6.2.0-rc3	1.6.2.0-rc3.x
asterisk / open_source	1.6.2.9-rc2	1.6.2.9-rc2.x
asterisk / open_source	1.6.2.20	1.6.2.20.x
asterisk / open_source	1.6.2.11	1.6.2.11.x
asterisk / open_source	1.6.2.0-rc5	1.6.2.0-rc5.x
asterisk / open_source	1.6.2.10	1.6.2.10.x
asterisk / open_source	1.6.2.7-rc3	1.6.2.7-rc3.x
asterisk / open_source	1.6.2.6-rc1	1.6.2.6-rc1.x
asterisk / open_source	1.6.2.8-rc1	1.6.2.8-rc1.x
asterisk / open_source	1.6.2.17-rc2	1.6.2.17-rc2.x
asterisk / open_source	1.6.2.5	1.6.2.5.x
asterisk / open_source	1.6.2.17.2	1.6.2.17.2.x
asterisk / open_source	1.6.2.12	1.6.2.12.x
asterisk / open_source	1.6.2.11-rc2	1.6.2.11-rc2.x
asterisk / open_source	1.6.2.17	1.6.2.17.x
asterisk / open_source	1.6.2.9-rc1	1.6.2.9-rc1.x
asterisk / open_source	1.6.2.21	1.6.2.21.x
asterisk / open_source	1.6.2.17.3	1.6.2.17.3.x
asterisk / open_source	1.6.2.16.1	1.6.2.16.1.x
asterisk / open_source	1.6.2.12-rc1	1.6.2.12-rc1.x
asterisk / open_source	1.6.2.18.1	1.6.2.18.1.x
asterisk / open_source	1.6.2.0-rc7	1.6.2.0-rc7.x
asterisk / open_source	1.6.2.10-rc2	1.6.2.10-rc2.x
asterisk / open_source	1.6.2.0-rc6	1.6.2.0-rc6.x
asterisk / open_source	1.6.2.0	1.6.2.0.x
asterisk / open_source	1.8.10.0-rc1	1.8.10.0-rc1.x
asterisk / open_source	1.8.0-beta1	1.8.0-beta1.x
asterisk / open_source	1.8.3	1.8.3.x
asterisk / open_source	1.8.8.1	1.8.8.1.x
asterisk / open_source	1.8.1-rc1	1.8.1-rc1.x
asterisk / open_source	1.8.0-rc2	1.8.0-rc2.x
asterisk / open_source	1.8.9.0-rc1	1.8.9.0-rc1.x
asterisk / open_source	1.8.10.0-rc2	1.8.10.0-rc2.x
asterisk / open_source	1.8.0-rc3	1.8.0-rc3.x
asterisk / open_source	1.8.8.0-rc4	1.8.8.0-rc4.x
asterisk / open_source	1.8.0-beta2	1.8.0-beta2.x
asterisk / open_source	1.8.4.4	1.8.4.4.x
asterisk / open_source	1.8.8.0-rc3	1.8.8.0-rc3.x
asterisk / open_source	1.8.3-rc3	1.8.3-rc3.x
asterisk / open_source	1.8.11.0-rc3	1.8.11.0-rc3.x
asterisk / open_source	1.8.2.3	1.8.2.3.x
asterisk / open_source	1.8.9.0-rc2	1.8.9.0-rc2.x
asterisk / open_source	1.8.7.2	1.8.7.2.x
asterisk / open_source	1.8.9.2	1.8.9.2.x
asterisk / open_source	1.8.0-beta3	1.8.0-beta3.x
asterisk / open_source	1.8.4-rc1	1.8.4-rc1.x
asterisk / open_source	1.8.9.3	1.8.9.3.x
asterisk / open_source	1.8.6.0-rc3	1.8.6.0-rc3.x
asterisk / open_source	1.8.6.0-rc2	1.8.6.0-rc2.x
asterisk / open_source	1.8.7.0-rc2	1.8.7.0-rc2.x
asterisk / open_source	1.8.10.0-rc3	1.8.10.0-rc3.x
asterisk / open_source	1.8.3-rc2	1.8.3-rc2.x
asterisk / open_source	1.8.3.3	1.8.3.3.x
asterisk / open_source	1.8.8.0-rc1	1.8.8.0-rc1.x
asterisk / open_source	1.8.6.0	1.8.6.0.x
asterisk / open_source	1.8.8.0-rc2	1.8.8.0-rc2.x
asterisk / open_source	1.8.4.3	1.8.4.3.x
asterisk / open_source	1.8.5.0	1.8.5.0.x
asterisk / open_source	1.8.4.2	1.8.4.2.x
asterisk / open_source	1.8.9.0-rc3	1.8.9.0-rc3.x
asterisk / open_source	1.8.7.0	1.8.7.0.x
asterisk / open_source	1.8.2.4	1.8.2.4.x
asterisk / open_source	1.8.4.1	1.8.4.1.x
asterisk / open_source	1.8.2	1.8.2.x
asterisk / open_source	1.8.1.2	1.8.1.2.x
asterisk / open_source	1.8.0	1.8.0.x
asterisk / open_source	1.8.3-rc1	1.8.3-rc1.x
asterisk / open_source	1.8.10.0	1.8.10.0.x
asterisk / open_source	1.8.2.1	1.8.2.1.x
asterisk / open_source	1.8.8.0	1.8.8.0.x
asterisk / open_source	1.8.7.1	1.8.7.1.x
asterisk / open_source	1.8.1.1	1.8.1.1.x
asterisk / open_source	1.8.11.0-rc2	1.8.11.0-rc2.x
asterisk / open_source	1.8.7.0-rc1	1.8.7.0-rc1.x
asterisk / open_source	1.8.0-beta4	1.8.0-beta4.x
asterisk / open_source	1.8.8.0-rc5	1.8.8.0-rc5.x
asterisk / open_source	1.8.0-rc4	1.8.0-rc4.x
asterisk / open_source	1.8.4-rc3	1.8.4-rc3.x
asterisk / open_source	1.8.4-rc2	1.8.4-rc2.x
asterisk / open_source	1.8.0-rc5	1.8.0-rc5.x
asterisk / open_source	1.8.1	1.8.1.x
asterisk / open_source	1.8.9.1	1.8.9.1.x
asterisk / open_source	1.8.6.0-rc1	1.8.6.0-rc1.x
asterisk / open_source	1.8.10.1	1.8.10.1.x
asterisk / open_source	1.8.3.1	1.8.3.1.x
asterisk / open_source	1.8.9.0	1.8.9.0.x
asterisk / open_source	1.8.2-rc1	1.8.2-rc1.x
asterisk / open_source	1.8.10.0-rc4	1.8.10.0-rc4.x
asterisk / open_source	1.8.4	1.8.4.x
asterisk / open_source	1.8.3.2	1.8.3.2.x
asterisk / open_source	1.8.5-rc1	1.8.5-rc1.x
asterisk / open_source	1.8.2.2	1.8.2.2.x
asterisk / open_source	1.8.0-beta5	1.8.0-beta5.x
asterisk / open_source	1.8.8.2	1.8.8.2.x
asterisk / open_source	10.2.0-rc2	10.2.0-rc2.x
asterisk / open_source	10.3.0	10.3.0.x
asterisk / open_source	10.2.0-rc1	10.2.0-rc1.x
asterisk / open_source	10.3.0-rc3	10.3.0-rc3.x
asterisk / open_source	10.1.0	10.1.0.x
asterisk / open_source	10.2.1	10.2.1.x
asterisk / open_source	10.2.0-rc4	10.2.0-rc4.x
asterisk / open_source	10.3.0-rc2	10.3.0-rc2.x
asterisk / open_source	10.1.0-rc1	10.1.0-rc1.x
asterisk / open_source	10.0.0	10.0.0.x
asterisk / open_source	10.2.0-rc3	10.2.0-rc3.x
asterisk / open_source	10.1.1	10.1.1.x
asterisk / open_source	10.0.0-beta1	10.0.0-beta1.x
asterisk / open_source	10.2.0	10.2.0.x
asterisk / open_source	10.0.0-rc2	10.0.0-rc2.x
asterisk / open_source	10.1.2	10.1.2.x
asterisk / open_source	10.0.0-rc3	10.0.0-rc3.x
asterisk / open_source	10.1.0-rc2	10.1.0-rc2.x
asterisk / open_source	10.0.1	10.0.1.x
asterisk / open_source	10.0.0-rc1	10.0.0-rc1.x
asterisk / open_source	10.1.3	10.1.3.x
asterisk / open_source	10.0.0-beta2	10.0.0-beta2.x

Vulnerability Database

289,784

CVE-2012-2416