| Field | Value |
| --- | --- |
| Risk | Low |
| Patch available | Yes |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2012-2416 |
| CWE-ID | CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software | Asterisk Open Source (Server applications / Conferencing, Collaboration and VoIP solutions) |
| Vendor | Digium (Linux Support Services) |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU32791
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2012-2416
CWE-ID: CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote authenticated user to read and manipulate data.
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE message that triggers a connected-line update attempt without an associated channel.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Asterisk Open Source: 10.3.0
External links
https://downloads.asterisk.org/pub/security/AST-2012-006.html
https://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html
https://osvdb.org/81456
https://secunia.com/advisories/48891
https://www.securityfocus.com/bid/53205
https://www.securitytracker.com/id?1026963
https://exchange.xforce.ibmcloud.com/vulnerabilities/75101
https://issues.asterisk.org/jira/browse/ASTERISK-19770
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.