CVE-2008-2119

NONECVSS 0.0

0.0

Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing (aka pedanticsipchecking) is enabled, allows remote attackers to cause a denial of service (daemon crash) via a SIP INVITE message that lacks a From header, related to invocations of the ast_uri_decode function, and improper handling of (1) an empty const string and (2) a NULL pointer.

🔗 References (22)

cve@mitrehttp://bugs.digium.com/view.php?id=12607
cve@mitrehttp://downloads.digium.com/pub/security/AST-2008-008.html
cve@mitrehttp://secunia.com/advisories/30517
cve@mitrehttp://secunia.com/advisories/34982
cve@mitrehttp://security.gentoo.org/glsa/glsa-200905-01.xml
cve@mitrehttp://svn.digium.com/view/asterisk?view=rev&revision=120109
cve@mitrehttp://www.securityfocus.com/archive/1/493020/100/0/threaded
cve@mitrehttp://www.securitytracker.com/id?1020166
cve@mitrehttp://www.vupen.com/english/advisories/2008/1731
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/42823
cve@mitrehttps://www.exploit-db.com/exploits/5749
af854a3a-2127-422b-91ae-364da2661108http://bugs.digium.com/view.php?id=12607
af854a3a-2127-422b-91ae-364da2661108http://downloads.digium.com/pub/security/AST-2008-008.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30517
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34982

Is Your Infrastructure Affected by CVE-2008-2119?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-2119

📅 Published

🔄 Last Modified

🔗 References (22)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-2119?