← Back

CVE-2013-5642

nvd nist
Published: Sep 9, 2013Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

The SIP channel driver (channels/chan_sip.c) in Asterisk Open Source 1.8.x before 1.8.23.1, 10.x before 10.12.3, and 11.x before 11.5.1; Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.3-digiumphones allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and daemon crash) via an invalid SDP that defines a media description before the connection description in a SIP request.

Affected (81)

Digium
3 products
Asterisk
Asterisk Digiumphones
Certified Asterisk
Configuration A
81 vulnerable
Vulnerable SoftwareAffected Versions
Digium
Asterisk
Version 1.8.17.0
Asterisk
Version 1.8.17.0 rc1
Asterisk
Version 1.8.17.0 rc2
Asterisk
Version 1.8.17.0 rc3
Asterisk
Version 1.8.18.0
Asterisk
Version 1.8.18.0 rc1
Asterisk
Version 1.8.18.1
Asterisk
Version 1.8.19.0
Asterisk
Version 1.8.19.0 rc1
Asterisk
Version 1.8.19.0 rc3
Asterisk
Version 1.8.19.1
Asterisk
Version 1.8.20.0
Asterisk
Version 1.8.20.0 rc1
Asterisk
Version 1.8.20.0 rc2
Asterisk
Version 1.8.21.0 rc1
Asterisk
Version 1.8.21.0 rc2
Asterisk
Version 1.8.22.0
Asterisk
Version 1.8.22.0 rc1
Asterisk
Version 1.8.22.0 rc2
Asterisk
Version 1.8.23.0
Asterisk
Version 1.8.23.0 rc1
Asterisk
Version 1.8.23.0 rc2
Asterisk
Version 10.10.0
Asterisk
Version 10.10.0 rc1
Asterisk
Version 10.10.0 rc2
Asterisk
Version 10.11.0
Asterisk
Version 10.11.0 rc1
Asterisk
Version 10.11.0 rc2
Asterisk
Version 10.11.0 rc3
Asterisk
Version 10.12.0
Asterisk
Version 10.12.0 rc1
Asterisk
Version 10.12.0 rc2
Asterisk
Version 10.12.1
Asterisk
Version 10.12.2
Asterisk
Version 11.0.0
Asterisk
Version 11.0.0 beta1
Asterisk
Version 11.0.0 beta2
Asterisk
Version 11.0.0 rc1
Asterisk
Version 11.0.0 rc2
Asterisk
Version 11.0.1
Asterisk
Version 11.0.2
Asterisk
Version 11.1.0
Asterisk
Version 11.1.0 rc1
Asterisk
Version 11.1.0 rc3
Asterisk
Version 11.1.1
Asterisk
Version 11.1.2
Asterisk
Version 11.2.0 rc1
Asterisk
Version 11.2.0 rc2
Asterisk
Version 11.3.0 rc1
Asterisk
Version 11.3.0 rc2
Asterisk
Version 11.4.0
Asterisk
Version 11.4.0 rc1
Asterisk
Version 11.4.0 rc2
Asterisk
Version 11.4.0 rc3
Asterisk
Version 11.5.0
Asterisk
Version 11.5.0 rc1
Asterisk
Version 11.5.0 rc2
Asterisk
Version 11.5.1
Digium
Asterisk Digiumphones
Version 10.0.0
Asterisk Digiumphones
Version 10.0.0 rc1
Asterisk Digiumphones
Version 10.0.0 rc2
Asterisk Digiumphones
Version 10.11.0
Asterisk Digiumphones
Version 10.11.0 rc1
Asterisk Digiumphones
Version 10.11.0 rc2
Asterisk Digiumphones
Version 10.11.0 rc3
Asterisk Digiumphones
Version 10.12.0
Asterisk Digiumphones
Version 10.12.0 rc1
Asterisk Digiumphones
Version 10.12.0 rc2
Asterisk Digiumphones
Version 10.12.1
Asterisk Digiumphones
Version 10.12.2
Digium
Certified Asterisk
Version 1.8.15
Certified Asterisk
Version 1.8.15 cert1-rc1
Certified Asterisk
Version 1.8.15 cert1-rc2
Certified Asterisk
Version 1.8.15 cert1-rc3
Certified Asterisk
Version 1.8.15 cert1
Certified Asterisk
Version 1.8.15 cert2
Certified Asterisk
Version 1.8.15 rc1
Certified Asterisk
Version 11.2.0
Certified Asterisk
Version 11.2.0 cert1
Certified Asterisk
Version 11.2.0 rc1
Certified Asterisk
Version 11.2.0 rc2

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (20)

Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.