Asterisk RTP Comfort Noise Processing Remote Denial Of Service Vulnerability Network Vulnerability

Summary

Asterisk is prone to a remote denial-of-service vulnerability because it fails to properly handle malformed RTP comfort noise data. Successful exploits can crash the application, resulting in denial-of- service conditions for legitimate users.

Solution

Updates are available. Please see the references for details.

References

http://downloads.asterisk.org/pub/security/AST-2009-010.html
http://www.asterisk.org/
http://www.securityfocus.com/bid/37153

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4055

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Windows)
Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Win)
Adobe Reader Plugin Signature Bypass Vulnerability (Mac OS X)
Apache Tomcat servlet/JSP container default files
Apple Safari JavaScript Implementation Information Disclosure Vulnerability (Mac OS X)

Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities