VOIP: Digium Asterisk SIP Invalid Response Code Denial of Service
This signature detects attempts to exploit a known vulnerability against Digium Asterisk SIP Invalid Response. A successful attack can result in a denial-of-service condition.
Extended Description
Asterisk is prone to a remote denial-of-service vulnerability because the application fails to properly handle certain SIP packets. Exploiting this issue allows remote attackers to cause the application to crash, effectively denying service to legitimate users. Asterisk versions prior to 1.2.18 and 1.4.3 are vulnerable to this issue.
Affected Products
Asterisk asterisk
Short Name
VOIP:SIP:ASTERISK-RES-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
VOIP
Keywords
Asterisk CVE-2007-1594 Code Denial Digium Invalid Response SIP Service bid:23093 of
Release Date
07/27/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Suse
Asterisk
Gentoo
CVSS Score
7.8