CVE-2010-0441
NONE EPSS 87.3%
Published Feb 4, 201016y ago · Modified Jun 16, 20262w ago
Published Feb 4, 2010 16y ago
Last Modified Jun 16, 2026 2w ago
Description
Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service (daemon crash) via an SIP T.38 negotiation with an SDP FaxMaxDatagram field that is (1) missing, (2) modified to contain a negative number, or (3) modified to contain a large number.
Threat Intelligence
EPSS Exploit Probability
87.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-20 Improper Input Validation Validation
Affected Products 53
| Vendor | Product | Version | Range |
|---|---|---|---|
| asterisk | asterisk | 1.6.0 | any |
| asterisk | asterisk | 1.6.0.1 | any |
| asterisk | asterisk | 1.6.0.2 | any |
| asterisk | asterisk | 1.6.0.3 | any |
| asterisk | asterisk | 1.6.0.5 | any |
| asterisk | asterisk | 1.6.0.6 | any |
| asterisk | asterisk | 1.6.0.7 | any |
| asterisk | asterisk | 1.6.0.8 | any |
| asterisk | asterisk | 1.6.0.9 | any |
| asterisk | asterisk | 1.6.0.10 | any |
| asterisk | asterisk | 1.6.0.12 | any |
| asterisk | asterisk | 1.6.0.13 | any |
| asterisk | asterisk | 1.6.0.14 | any |
| asterisk | asterisk | 1.6.0.15 | any |
| asterisk | asterisk | 1.6.0.16-rc1 | any |
| asterisk | asterisk | 1.6.0.16-rc2 | any |
| asterisk | asterisk | 1.6.0.17 | any |
| asterisk | asterisk | 1.6.0.18 | any |
| asterisk | asterisk | 1.6.0.18-rc1 | any |
| asterisk | asterisk | 1.6.0.18-rc2 | any |
| asterisk | asterisk | 1.6.0.18-rc3 | any |
| asterisk | asterisk | 1.6.0.19 | any |
| asterisk | asterisk | 1.6.0.20 | any |
| asterisk | asterisk | 1.6.0.20-rc1 | any |
| asterisk | asterisk | 1.6.0.21 | any |
| asterisk | asterisk | 1.6.0.21-rc1 | any |
| asterisk | asterisk | 1.6.1.0 | any |
| asterisk | asterisk | 1.6.1.1 | any |
| asterisk | asterisk | 1.6.1.2 | any |
| asterisk | asterisk | 1.6.1.4 | any |
| asterisk | asterisk | 1.6.1.5 | any |
| asterisk | asterisk | 1.6.1.6 | any |
| asterisk | asterisk | 1.6.1.7-rc1 | any |
| asterisk | asterisk | 1.6.1.7-rc2 | any |
| asterisk | asterisk | 1.6.1.8 | any |
| asterisk | asterisk | 1.6.1.9 | any |
| asterisk | asterisk | 1.6.1.10 | any |
| asterisk | asterisk | 1.6.1.10-rc1 | any |
| asterisk | asterisk | 1.6.1.10-rc2 | any |
| asterisk | asterisk | 1.6.1.10-rc3 | any |
| asterisk | asterisk | 1.6.1.11 | any |
| asterisk | asterisk | 1.6.1.12 | any |
| asterisk | asterisk | 1.6.1.12-rc1 | any |
| asterisk | asterisk | 1.6.1.13 | any |
| asterisk | asterisk | 1.6.1.13-rc1 | any |
| asterisk | asterisk | 1.6.2.1 | any |
| asterisk | asterisk | 1.6.2.1-rc1 | any |
| asterisk | asterisk | 1.6.10-rc1 | any |
| asterisk | asterisk | 1.6.10-rc2 | any |
| asterisk | asterisk | c.3.1.0 | any |
| asterisk | asterisk | c.3.1.1 | any |
| asterisk | asterisk | c.3.2.2 | any |
| asterisk | asterisk | c.3.3.3 | any |
References 14
- downloads.asterisk.org http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.0.diff
- downloads.asterisk.org http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.1.diff
- downloads.asterisk.org http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.2.diff
- downloads.asterisk.org http://downloads.asterisk.org/pub/security/AST-2010-001.html
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037679.html
- secunia.com http://secunia.com/advisories/38395
- secunia.com http://secunia.com/advisories/39096
- securitytracker.com http://securitytracker.com/id?1023532
- securityfocus.com http://www.securityfocus.com/archive/1/509327/100/0/threaded
- securityfocus.com http://www.securityfocus.com/bid/38047
- vupen.com http://www.vupen.com/english/advisories/2010/0289
- issues.asterisk.org https://issues.asterisk.org/view.php?id=16517
- issues.asterisk.org https://issues.asterisk.org/view.php?id=16634
- issues.asterisk.org https://issues.asterisk.org/view.php?id=16724
Remediation
- downloads.asterisk.org http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.0.diff
- downloads.asterisk.org http://downloads.asterisk.org/pub/security/AST-2010-001-1.6.1.diff