Vulnerability Name:

CVE-2012-0885 (CCN-72556)

Assigned: 2012-01-19
Published: 2012-01-19
Updated: 2012-01-26
Summary: chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Low
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Vulnerability Type: CWE-noinfo
Vulnerability Consequences: Denial of Service
References:
Source: MITRE
Type: CNA
CVE-2012-0885

Source: CONFIRM
Type: Patch
http://downloads.asterisk.org/pub/security/AST-2012-001-1.8.diff

Source: CONFIRM
Type: Patch
http://downloads.asterisk.org/pub/security/AST-2012-001-10.diff

Source: CCN
Type: AST-2012-001
SRTP Video Remote Crash Vulnerability

Source: CONFIRM
Type: Vendor Advisory
http://downloads.asterisk.org/pub/security/AST-2012-001.html

Source: CCN
Type: SA47630
Asterisk SRTP Video Stream Negotiation Denial of Service Vulnerability

Source: MLIST
Type: UNKNOWN
[oss-security] 20120120 CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP

Source: MLIST
Type: UNKNOWN
[oss-security] 20120120 Re: CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP

Source: CCN
Type: OSVDB ID: 78482
Asterisk SRTP Video Stream Negotiation Remote DoS

Source: CCN
Type: BID-51581
Asterisk SRTP Video Denial Of Service Vulnerability

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=783487

Source: XF
Type: UNKNOWN
asterisk-srtp-dos(72556)

Source: CONFIRM
Type: UNKNOWN
https://issues.asterisk.org/jira/browse/ASTERISK-19202

Source: CONFIRM
Type: Exploit
https://issues.asterisk.org/jira/secure/attachment/42202/issueA19202_crypto_if_uninited_text_or_video.patch

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.3:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.3:rc2:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.3:rc3:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.4:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.4:rc1:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.4:rc2:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.4:rc3:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:1.8.8.1:*:*:*:*:*:*:*

Configuration 2:
  • cpe:/a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:digium:asterisk:1.8.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.4:rc3:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.4:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.4:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.4:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.1:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.0:rc5:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.0:rc4:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.3:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.3:rc3:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.3:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.3:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.5:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.5:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.6.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.6.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.6.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.7.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.7.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:1.8.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:10.0.0:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions:
Definition ID: oval:com.ubuntu.precise:def:20120885000
Class: V
Title: CVE-2012-0885 on Ubuntu 12.04 LTS (precise) - medium.
Last Modified: 2012-01-25