Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2013-5641

Disclosure Date: September 09, 2013
CVE-2013-5641
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1.8.17.x through 1.8.22.x, 1.8.23.x before 1.8.23.1, and 11.x before 11.5.1 and Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and daemon crash) via an ACK with SDP to a previously terminated channel. NOTE: some of these details are obtained from third party information.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • digium

Products

  • asterisk 1.8.17.0,
  • asterisk 1.8.18.0,
  • asterisk 1.8.18.1,
  • asterisk 1.8.19.0,
  • asterisk 1.8.19.1,
  • asterisk 1.8.20.0,
  • asterisk 1.8.21.0,
  • asterisk 1.8.22.0,
  • asterisk 1.8.23.0,
  • asterisk 11.0.0,
  • asterisk 11.0.1,
  • asterisk 11.0.2,
  • asterisk 11.1.0,
  • asterisk 11.1.1,
  • asterisk 11.1.2,
  • asterisk 11.2.0,
  • asterisk 11.3.0,
  • asterisk 11.4.0,
  • asterisk 11.5.0,
  • asterisk 11.5.1,
  • certified asterisk 1.8.15,
  • certified asterisk 11.2.0
Technical Analysis