Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	APP:ASTERISK-PJSIP-MODULE-DOS
Severity	Minor
Recommended	Yes
Recommended Action	Drop
Category	APP
Keywords	Asterisk PJSIP Module Event Package SIP SUBSCRIBE Request Handling Remote Denial of Service
Release Date	2015/01/07
Update Number	2457
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: Asterisk PJSIP Module Event Package SIP SUBSCRIBE Request Handling Remote Denial of Service

This signature detects attempts to exploit a known vulnerability against Digium Asterisk. A successful exploit can lead to Denial of Service.

Extended Description

The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.

Affected Products

Digium asterisk 12.0.0
Digium asterisk 12.1.0
Digium asterisk 12.2.0
Digium asterisk 12.3.0
Digium asterisk 12.4.0
Digium asterisk 12.5.0

References

CVE: CVE-2014-6609

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

APP: Asterisk PJSIP Module Event Package SIP SUBSCRIBE Request Handling Remote Denial of Service

Extended Description

Affected Products

References