CVE-2011-2535 Information

Feb 14, 2021 cve

Description

chan_iax2.c in the IAX2 channel driver in Asterisk Open Source 1.4.x before 1.4.41.1 1.6.2.x before 1.6.2.18.1 and 1.8.x before 1.8.4.3 and Asterisk Business Edition C.3 before C.3.7.3 accesses a memory address contained in an option control frame which allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a crafted frame.

Reference

http://downloads.asterisk.org/pub/security/AST-2011-010.html http://downloads.asterisk.org/pub/security/AST-2011-010-1.8.diff http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062628.html http://secunia.com/advisories/44973 http://secunia.com/advisories/45048 http://secunia.com/advisories/45201 http://secunia.com/advisories/45239 http://securitytracker.com/id?1025708 http://www.debian.org/security/2011/dsa-2276 http://www.osvdb.org/73309 http://www.securityfocus.com/bid/48431 https://exchange.xforce.ibmcloud.com/vulnerabilities/68205

Share on: