Digium.Asterisk.HTTP.Connections.DoS
Description
This indicates a possible attack against a Denial of Services (DoS) vulnerability in the Digium Asterisk.
The vulnerability is due to an error when the vulnerable software handles a large number of HTTP sessions. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system.
Affected Products
Asterisk Open Source 1.8.x before 1.8.28.1
Asterisk Open Source 11.x before 11.10.1
Asterisk Open Source 12.x before 12.3.1
Certified Asterisk 1.8.15 before 1.8.15-cert6
Certified Asterisk 11.6 before 11.6-cert3
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the patch, available from the website:
http://downloads.asterisk.org/pub/security/AST-2014-007.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |