← Back

CVE-2013-5641

nvd nist
Published: Sep 9, 2013Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1.8.17.x through 1.8.22.x, 1.8.23.x before 1.8.23.1, and 11.x before 11.5.1 and Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and daemon crash) via an ACK with SDP to a previously terminated channel. NOTE: some of these details are obtained from third party information.

Affected (57)

Digium
2 products
Asterisk
Certified Asterisk
Configuration A
57 vulnerable
Vulnerable SoftwareAffected Versions
Digium
Asterisk
Version 1.8.17.0
Asterisk
Version 1.8.17.0 rc1
Asterisk
Version 1.8.17.0 rc2
Asterisk
Version 1.8.17.0 rc3
Asterisk
Version 1.8.18.0
Asterisk
Version 1.8.18.0 rc1
Asterisk
Version 1.8.18.1
Asterisk
Version 1.8.19.0
Asterisk
Version 1.8.19.0 rc1
Asterisk
Version 1.8.19.0 rc3
Asterisk
Version 1.8.19.1
Asterisk
Version 1.8.20.0
Asterisk
Version 1.8.20.0 rc1
Asterisk
Version 1.8.20.0 rc2
Asterisk
Version 1.8.21.0 rc1
Asterisk
Version 1.8.21.0 rc2
Asterisk
Version 1.8.22.0
Asterisk
Version 1.8.22.0 rc1
Asterisk
Version 1.8.22.0 rc2
Asterisk
Version 1.8.23.0
Asterisk
Version 1.8.23.0 rc1
Asterisk
Version 1.8.23.0 rc2
Asterisk
Version 11.0.0
Asterisk
Version 11.0.0 beta1
Asterisk
Version 11.0.0 beta2
Asterisk
Version 11.0.0 rc1
Asterisk
Version 11.0.0 rc2
Asterisk
Version 11.0.1
Asterisk
Version 11.0.2
Asterisk
Version 11.1.0
Asterisk
Version 11.1.0 rc1
Asterisk
Version 11.1.0 rc3
Asterisk
Version 11.1.1
Asterisk
Version 11.1.2
Asterisk
Version 11.2.0 rc1
Asterisk
Version 11.2.0 rc2
Asterisk
Version 11.3.0 rc1
Asterisk
Version 11.3.0 rc2
Asterisk
Version 11.4.0
Asterisk
Version 11.4.0 rc1
Asterisk
Version 11.4.0 rc2
Asterisk
Version 11.4.0 rc3
Asterisk
Version 11.5.0
Asterisk
Version 11.5.0 rc1
Asterisk
Version 11.5.0 rc2
Asterisk
Version 11.5.1
Digium
Certified Asterisk
Version 1.8.15
Certified Asterisk
Version 1.8.15 cert1-rc1
Certified Asterisk
Version 1.8.15 cert1-rc2
Certified Asterisk
Version 1.8.15 cert1-rc3
Certified Asterisk
Version 1.8.15 cert1
Certified Asterisk
Version 1.8.15 cert2
Certified Asterisk
Version 1.8.15 rc1
Certified Asterisk
Version 11.2.0
Certified Asterisk
Version 11.2.0 cert1
Certified Asterisk
Version 11.2.0 rc1
Certified Asterisk
Version 11.2.0 rc2

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (22)

Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.