Asterisk RTP Comfort Noise Processing Remote Denial Of Service Vulnerability Network Vulnerability

Summary

Asterisk is prone to a remote denial-of-service vulnerability because it fails to properly handle malformed RTP comfort noise data. Successful exploits can crash the application, resulting in denial-of- service conditions for legitimate users.

Solution

Updates are available. Please see the references for details.

References

http://downloads.asterisk.org/pub/security/AST-2009-010.html
http://www.asterisk.org/
http://www.securityfocus.com/bid/37153

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4055
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Apache Tomcat servlet/JSP container default files
AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability
Apple QuickTime Multiple Arbitrary Code Execution Vulnerabilities (Win)
Apple Mac OS X Authentication Bypass Vulnerability
Apple Safari Webkit Multiple Vulnerabilities - May13 (Mac OS X)

Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities