Asterisk RTP Comfort Noise Processing Remote Denial Of Service Vulnerability Network Vulnerability

Summary

Asterisk is prone to a remote denial-of-service vulnerability because it fails to properly handle malformed RTP comfort noise data. Successful exploits can crash the application, resulting in denial-of- service conditions for legitimate users.

Solution

Updates are available. Please see the references for details.

References

http://downloads.asterisk.org/pub/security/AST-2009-010.html
http://www.asterisk.org/
http://www.securityfocus.com/bid/37153

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4055

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability
Apache /server-status accessible
Apple Safari Multiple Memory Corruption Vulnerabilities-03 Aug14 (Mac OS X)
Arora Common Name SSL Certificate Spoofing Vulnerability (Linux)
Apple Safari JavaScript Implementation Information Disclosure Vulnerability (Mac OS X)

Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities