This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
APP:DIGIUM-IAX2-POKE-DOS
|
Severity |
Minor
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
APP
|
Keywords |
Digium Asterisk IAX2 POKE Request Denial of Service
|
Release Date |
2011/07/25
|
Update Number |
1960
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
APP: Digium Asterisk IAX2 POKE Request Denial of Service
This signature detects attempts to exploit a known vulnerability against Digium Asterisk. A successful attack can result in a denial-of-service condition.
Extended Description
Asterisk is prone to a remote denial-of-service vulnerability because it fails to handle multiple 'POKE' requests in quick succession.
Attackers can exploit this issue by sending a persistent stream of 'POKE' requests that will consume processor resources and deny service to legitimate users.
NOTE: By default, 'POKE' requests are not logged by Asterisk.
Affected Products
- Asterisk asterisk 0.1.11
- Asterisk asterisk 0.1.7
- Asterisk asterisk 0.1.8
- Asterisk asterisk 0.1.9
- Asterisk asterisk 0.1.9 -1
- Asterisk asterisk 0.2.0
- Asterisk asterisk 0.3.0
- Asterisk asterisk 0.4.0
- Asterisk asterisk 0.4.1
- Asterisk asterisk 0.7.0 .0
- Asterisk asterisk 0.7.1
- Asterisk asterisk 0.7.2
- Asterisk asterisk 0.9.0 .0
- Asterisk asterisk 1.0.0
- Asterisk asterisk 1.0.10
- Asterisk asterisk 1.0.11
- Asterisk asterisk 1.0.12
- Asterisk asterisk 1.0.3.4
- Asterisk asterisk 1.0.6
- Asterisk asterisk 1.0.7
- Asterisk asterisk 1.0.8
- Asterisk asterisk 1.0.9
- Asterisk asterisk 1.2.0 .0-beta1
- Asterisk asterisk 1.2.0 .0-beta2
- Asterisk asterisk 1.2.10
- Asterisk asterisk 1.2.11
- Asterisk asterisk 1.2.13
- Asterisk asterisk 1.2.14
- Asterisk asterisk 1.2.15
- Asterisk asterisk 1.2.16
- Asterisk asterisk 1.2.17
- Asterisk asterisk 1.2.18
- Asterisk asterisk 1.2.19
- Asterisk asterisk 1.2.21
- Asterisk asterisk 1.2.22
- Asterisk asterisk 1.2.23
- Asterisk asterisk 1.2.24
- Asterisk asterisk 1.2.25
- Asterisk asterisk 1.2.26
- Asterisk asterisk 1.2.27
- Asterisk asterisk 1.2.28
- Asterisk asterisk 1.2.29
- Asterisk asterisk 1.2.5
- Asterisk asterisk 1.2.6
- Asterisk asterisk 1.2.7
- Asterisk asterisk 1.2.8
- Asterisk asterisk 1.2.9
- Asterisk asterisk 1.4.1
- Asterisk asterisk 1.4.10
- Asterisk asterisk 1.4.11
- Asterisk asterisk 1.4.12
- Asterisk asterisk 1.4.13
- Asterisk asterisk 1.4.14
- Asterisk asterisk 1.4.15
- Asterisk asterisk 1.4.16
- Asterisk asterisk 1.4.17
- Asterisk asterisk 1.4.18
- Asterisk asterisk 1.4.18.1
- Asterisk asterisk 1.4.19
- Asterisk asterisk 1.4.19.1
- Asterisk asterisk 1.4.19-Rc3
- Asterisk asterisk 1.4.2
- Asterisk asterisk 1.4.3
- Asterisk asterisk 1.4.4
- Asterisk asterisk 1.4.5
- Asterisk asterisk 1.4.6
- Asterisk asterisk 1.4.7
- Asterisk asterisk 1.4.8
- Asterisk asterisk 1.4.9
- Asterisk asterisk 1.4 Beta
- Asterisk asterisk 1.4 Revision 95946
- Asterisk asterisk 1.6
- Asterisk asterisk 1.6.0 Beta6
- Asterisk asterisk B.2.1
- Asterisk asterisk B.2.2.0
- Asterisk asterisk B.2.3.6
- Asterisk asterisk C.1.0
- Asterisk asterisk C.1.0-beta8
- Asterisk asterisk
- Asterisk asterisk_business_edition A
- Asterisk asterisk_business_edition B
- Asterisk asterisk_business_edition B.1.3.2
- Asterisk asterisk_business_edition B.1.3.3
- Asterisk asterisk_business_edition B.2.2.0
- Asterisk asterisk_business_edition B.2.2.1
- Asterisk asterisk_business_edition B.2.3.1
- Asterisk asterisk_business_edition B.2.3.2
- Asterisk asterisk_business_edition B.2.3.3
- Asterisk asterisk_business_edition B.2.3.4
- Asterisk asterisk_business_edition B.2.3.6
- Asterisk asterisk_business_edition B.2.5.1
- Asterisk asterisk_business_edition B.2.5.2
- Asterisk asterisk_business_edition B.2.5.3
- Asterisk asterisk_business_edition C
- Asterisk asterisk_business_edition C.1.0-beta7
- Asterisk asterisk_business_edition C.1.0-beta8
- Asterisk asterisk_business_edition C.1.6
- Asterisk asterisk_business_edition C.1.6.1
- Asterisk asterisk_business_edition C.1.6.2
- Asterisk asterisk_business_edition C.1.8.1
- Gentoo linux
References