VOIP: Asterisk Skinny Channel Driver Remote Denial of Service
This signature detects attempts to exploit a known vulnerability against Asterisk Skinny Channel Driver. A successful attack can result in a denial-of-service condition.
Extended Description
Asterisk is prone to a remote denial-of-service vulnerability because the application fails to properly handle certain specially crafted packets. Exploiting this issue allows remote attackers to cause the application to crash, effectively denying service to legitimate users. These versions are vulnerable: Asterisk Open Source prior to 1.4.10 AsteriskNOW pre-release prior to beta7 Asterisk Appliance Developer Kit prior to 0.7.0 Asterisk s800i (Asterisk Appliance) prior to 1.0.3
Affected Products
Asterisk s800i_appliance,Asterisk asterisk
Short Name
VOIP:SKINNY-DRV-DOS
Severity
Minor
Recommended
False
Recommended Action
None
Category
VOIP
Keywords
Asterisk CVE-2007-3764 CVE-2007-4280 Channel Denial Driver Remote Service Skinny bid:24950 bid:25228 of
Release Date
01/28/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/2000
False Positive
Unknown
Vendors
Asterisk
CVSS Score
3.5
5.0