Asterisk.Chan.Skinny.Large.Memcpy.DoS

description-logoDescription

This indicates an attack attempt against a Denial of Service vulnerability in the Skinny channel driver (chan_skinny) in Asterisk.
The vulnerability is caused by an error when the vulnerable software handles a crafted packet with certain data length value. A remote attack may be able to exploit this to cause a denial of service condition on the affected system via a crafted packet.

affected-products-logoAffected Products

Asterisk AsteriskNow Beta 6
Asterisk AsteriskNow Beta 5
Asterisk Asterisk Business Edition B.2.2.0
Asterisk Asterisk Business Edition B.1.3.3
Asterisk Asterisk Business Edition B.1.3.2
Asterisk Asterisk Business Edition A
Asterisk Asterisk Appliance Developer Kit 0.4
Asterisk Asterisk 1.4.7
Asterisk Asterisk 1.4.4
Asterisk Asterisk 1.4.3
Asterisk Asterisk 1.4.2
Asterisk Asterisk 1.4.1
Asterisk Asterisk 1.2.21
Asterisk Asterisk 1.2.19
Asterisk Asterisk 1.2.18
Asterisk Asterisk 1.2.17
Asterisk Asterisk 1.2.16
Asterisk Asterisk 1.2.15
Asterisk Asterisk 1.2.14
Asterisk Asterisk 1.2.13
Asterisk Asterisk 1.2.11
Asterisk Asterisk 1.2.11
Asterisk Asterisk 1.2.10
Asterisk Asterisk 1.2 .0-beta2
Asterisk Asterisk 1.2 .0-beta1
Asterisk Asterisk 1.0.12
Asterisk Asterisk 1.0.11
Asterisk Asterisk 1.0.10
Asterisk Asterisk 1.0.9
Asterisk Asterisk 1.0.8
Asterisk Asterisk 1.0.7
Asterisk Asterisk 1.0.6
Asterisk Asterisk 1.0
Asterisk Asterisk B.2.1
Asterisk Asterisk 1.4 Beta
Asterisk Appliance Developers Kit 0.3

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest versions:
http://www.digium.com

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)