Intrusion PreventionSDP.Invalid.RTP.Payload.Type.Number.Memory.Corruption
Description
This indicates an attempt to exploit a memory corruption vulnerability in Digium Asterisk.
The vulnerability is caused by insufficient validation of user-supplied data in the Session Description Protocol (SDP) payload.
Affected Products
Asterisk s800i Appliance 1.1 0
Asterisk AsteriskNow 1.0
Asterisk Asterisk Business Edition C.1.0-beta8
Asterisk Asterisk Business Edition C.1.0-beta7
Asterisk Asterisk Appliance Developer Kit 1.4
Asterisk Asterisk 1.4.17
Asterisk Asterisk 1.4.16
Asterisk Asterisk 1.4.15
Asterisk Asterisk 1.4.14
Asterisk Asterisk 1.4.13
Asterisk Asterisk 1.4.12
Asterisk Asterisk 1.4.11
Asterisk Asterisk 1.4.10
Asterisk Asterisk 1.4.9
Asterisk Asterisk 1.4.8
Asterisk Asterisk 1.4.7
Asterisk Asterisk 1.4.6
Asterisk Asterisk 1.4.5
Asterisk Asterisk 1.4.4
Asterisk Asterisk 1.4.3
Asterisk Asterisk 1.4.2
Asterisk Asterisk 1.4.1
Asterisk Asterisk 1.4 revision 95946
Asterisk Asterisk 1.4 Beta
Impact
System Compromise
Denial of Service
Recommended Actions
Apply the latest update from the vendor:
http://downloads.digium.com/pub/security/AST-2008-002.html
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 15694 |
| Created | Jul 24, 2008 |
| Updated | Nov 03, 2021 |
| Risk |
|
| CVE ID | CVE-2008-1289 |
| Exploit Prediction Score | 96.98% |
| Default Action | drop |
| Active | |
| Affected OS | Linux |
| Affected App | Other |