Signature Detail

APP: Digium Asterisk Skinny Channel NULL-Pointer Dereference Denial of Service

This signature detects attempts to exploit a known vulnerability against Digium Asterisk. A successful attack can result in a denial-of-service condition.

Extended Description

Asterisk is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to trigger a NULL-pointer dereference and cause a system crash, denying service to legitimate users.

Affected Products

• Asterisk asterisk 10.0.0
• Asterisk asterisk 10.0.1
• Asterisk asterisk 10.2.0
• Asterisk asterisk 10.2.1
• Asterisk asterisk 10.3.0
• Asterisk asterisk 10.3.1
• Asterisk asterisk 1.8.0
• Asterisk asterisk 1.8.1
• Asterisk asterisk 1.8.10.0
• Asterisk asterisk 1.8.10.1
• Asterisk asterisk 1.8.11.0
• Asterisk asterisk 1.8.11.1
• Asterisk asterisk 1.8.1.2
• Asterisk asterisk 1.8.2.1
• Asterisk asterisk 1.8.2.4
• Asterisk asterisk 1.8.3.1
• Asterisk asterisk 1.8.3.3
• Asterisk asterisk 1.8.4.1
• Asterisk asterisk 1.8.4 2
• Asterisk asterisk 1.8.4.3
• Asterisk asterisk 1.8.4.4
• Asterisk asterisk 1.8.7.1
• Asterisk asterisk 1.8.7.2
• Asterisk asterisk 1.8.8.2
• Asterisk certified_asterisk 1.8.11-cert1
• Debian linux 6.0 amd64
• Debian linux 6.0 arm
• Debian linux 6.0 ia-32
• Debian linux 6.0 ia-64
• Debian linux 6.0 mips
• Debian linux 6.0 powerpc
• Debian linux 6.0 s/390
• Debian linux 6.0 sparc
• Gentoo linux

References

• BugTraq: 53723
• BugTraq: 53210
• CVE: CVE-2012-2415
• CVE: CVE-2012-2948