Vulnerability Name:

CVE-2009-0871 (CCN-49185)

Assigned:2009-03-10
Published:2009-03-10
Updated:2018-10-10
Summary:The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4.23.1; 1.6.0 before 1.6.0.6; 1.6.1 before 1.6.1.0-rc2; and Asterisk Business Edition C.2.3, with the pedantic option enabled, allows remote authenticated users to cause a denial of service (crash) via a SIP INVITE request without any headers, which triggers a NULL pointer dereference in the (1) sip_uri_headers_cmp and (2) sip_uri_params_cmp functions.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P)
2.6 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-20
Vulnerability Consequences:Denial of Service
References:Source: CONFIRM
Type: UNKNOWN
http://bugs.digium.com/view.php?id=13547

Source: CONFIRM
Type: UNKNOWN
http://bugs.digium.com/view.php?id=14417

Source: MITRE
Type: CNA
CVE-2009-0871

Source: CCN
Type: AST-2009-002
Remote Crash Vulnerability in SIP channel driver

Source: CONFIRM
Type: Patch, Vendor Advisory
http://downloads.digium.com/pub/security/AST-2009-002.html

Source: OSVDB
Type: UNKNOWN
52568

Source: CCN
Type: SA34229
Asterisk "pedantic" SIP Processing Denial of Service

Source: SECUNIA
Type: Vendor Advisory
34229

Source: CCN
Type: SECTRACK ID: 1021834
Asterisk Bug in Processing SIP INVITE Request with NULL Header Values Lets Remote Authenticated Users Deny Service

Source: CCN
Type: OSVDB ID: 52568
Asterisk SIP Channel Driver Pedantic Functionality Malformed SIP INVITE Message Remote DoS

Source: BUGTRAQ
Type: UNKNOWN
20090310 AST-2009-002: Remote Crash Vulnerability in SIP channel driver

Source: BID
Type: Patch
34070

Source: CCN
Type: BID-34070
Asterisk Pedantic Mode SIP Channel Driver INVITE Header Remote Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1021834

Source: VUPEN
Type: UNKNOWN
ADV-2009-0667

Source: XF
Type: UNKNOWN
asterisk-sipuriparamscmp-dos(49185)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:digium:asterisk:1.4.22:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.4.23:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.4.23.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:beta6:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:beta7:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:beta7.1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:beta8:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:beta9:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:rc4:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:rc5:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0:rc6:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0.3:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0.4:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.1:beta1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.1:beta2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.1:beta3:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.1:beta4:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.6.1:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:c.2.3:-:business:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:digium:asterisk:c.2.3:-:business:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    digium asterisk 1.4.22
    digium asterisk 1.4.23
    digium asterisk 1.4.23.1
    digium asterisk 1.6.0
    digium asterisk 1.6.0 beta1
    digium asterisk 1.6.0 beta2
    digium asterisk 1.6.0 beta3
    digium asterisk 1.6.0 beta4
    digium asterisk 1.6.0 beta5
    digium asterisk 1.6.0 beta6
    digium asterisk 1.6.0 beta7
    digium asterisk 1.6.0 beta7.1
    digium asterisk 1.6.0 beta8
    digium asterisk 1.6.0 beta9
    digium asterisk 1.6.0 rc4
    digium asterisk 1.6.0 rc5
    digium asterisk 1.6.0 rc6
    digium asterisk 1.6.0.1
    digium asterisk 1.6.0.2
    digium asterisk 1.6.0.3
    digium asterisk 1.6.0.3 rc1
    digium asterisk 1.6.0.4 rc1
    digium asterisk 1.6.0.5
    digium asterisk 1.6.1
    digium asterisk 1.6.1 beta1
    digium asterisk 1.6.1 beta2
    digium asterisk 1.6.1 beta3
    digium asterisk 1.6.1 beta4
    digium asterisk 1.6.1 rc1
    digium asterisk c.2.3 -
    digium asterisk c.2.3 -