exploits , vulnerabilities , articles , Asterisk IAX2 Call Number Space Exhaustion Remote Denial of Service Vulnerability

Title	Asterisk IAX2 Call Number Space Exhaustion Remote Denial of Service Vulnerability
Published	2009-09-03-12:00AM
Updated	2009-09-25-08:30PM
Class	Design Error
CVE	CVE-2009-2346
Remote	Yes
Local	No
Credit	Noam Rathaus and Blake Cornell
Vulnerable	RedHat Fedora 11 RedHat Fedora 10 Asterisk s800i Appliance 1.3 .2 Asterisk s800i Appliance 1.3 Asterisk Asterisk Business Edition C.3.1.0 Asterisk Asterisk Business Edition C.2.4.2 Asterisk Asterisk Business Edition C.2.3.3 Asterisk Asterisk Business Edition C.2.3 .2 Asterisk Asterisk Business Edition C.2.3 Asterisk Asterisk Business Edition C.2.1.2.1 Asterisk Asterisk Business Edition C.1.8.1 Asterisk Asterisk Business Edition C.1.6.2 Asterisk Asterisk Business Edition C.1.6.1 Asterisk Asterisk Business Edition C.1.6 Asterisk Asterisk Business Edition C.1.10.5 Asterisk Asterisk Business Edition C.1.10.4 Asterisk Asterisk Business Edition C.1.10.3 Asterisk Asterisk Business Edition C.1.0beta8 Asterisk Asterisk Business Edition C.1.0beta7 Asterisk Asterisk Business Edition B.2.5.9 Asterisk Asterisk Business Edition B.2.5.8 Asterisk Asterisk Business Edition B.2.5.7 Asterisk Asterisk Business Edition B.2.5.6 Asterisk Asterisk Business Edition B.2.5.5 Asterisk Asterisk Business Edition B.2.5.4 Asterisk Asterisk Business Edition B.2.5.3 Asterisk Asterisk Business Edition B.2.5.2 Asterisk Asterisk Business Edition B.2.5.1 Asterisk Asterisk Business Edition B.2.3.6 Asterisk Asterisk Business Edition B.2.3.5 Asterisk Asterisk Business Edition B.2.3.4 Asterisk Asterisk Business Edition B.2.3.3 Asterisk Asterisk Business Edition B.2.3.2 Asterisk Asterisk Business Edition B.2.3.1 Asterisk Asterisk Business Edition B.2.2.1 Asterisk Asterisk Business Edition B.2.2.1 Asterisk Asterisk Business Edition B.2.2.0 Asterisk Asterisk Business Edition B.2.2.0 Asterisk Asterisk Business Edition B.1.3.3 Asterisk Asterisk Business Edition B.1.3.2 Asterisk Asterisk 1.6.1 5 Asterisk Asterisk 1.6.1 0rc2 Asterisk Asterisk 1.6.1 0rc1 Asterisk Asterisk 1.6.1 Asterisk Asterisk 1.6 beta6 Asterisk Asterisk 1.6 6 Asterisk Asterisk 1.6 3 Asterisk Asterisk 1.6 14 Asterisk Asterisk 1.6 .8 Asterisk Asterisk 1.4.26 1 Asterisk Asterisk 1.4.26 Asterisk Asterisk 1.4.24 .1 Asterisk Asterisk 1.4.24 Asterisk Asterisk 1.4.23 .2 Asterisk Asterisk 1.4.23 .1 Asterisk Asterisk 1.4.23 Asterisk Asterisk 1.4.22 1 Asterisk Asterisk 1.4.22 Asterisk Asterisk 1.4.21 2 Asterisk Asterisk 1.4.21 2 Asterisk Asterisk 1.4.19 rc3 Asterisk Asterisk 1.4.19 .1 Asterisk Asterisk 1.4.19 Asterisk Asterisk 1.4.18 1 Asterisk Asterisk 1.4.18 Asterisk Asterisk 1.4.17 Asterisk Asterisk 1.4.16 Asterisk Asterisk 1.4.15 Asterisk Asterisk 1.4.14 Asterisk Asterisk 1.4.13 Asterisk Asterisk 1.4.12 Asterisk Asterisk 1.4.11 Asterisk Asterisk 1.4.10 Asterisk Asterisk 1.4.9 Asterisk Asterisk 1.4.8 Asterisk Asterisk 1.4.7 Asterisk Asterisk 1.4.6 Asterisk Asterisk 1.4.5 Asterisk Asterisk 1.4.4 Asterisk Asterisk 1.4.3 Asterisk Asterisk 1.4.2 Asterisk Asterisk 1.4.1 Asterisk Asterisk 1.2.34 Asterisk Asterisk 1.2.33 Asterisk Asterisk 1.2.32 Asterisk Asterisk 1.2.31 Asterisk Asterisk 1.2.30 4 Asterisk Asterisk 1.2.30 3 Asterisk Asterisk 1.2.30 Asterisk Asterisk 1.2.29 Asterisk Asterisk 1.2.28 Asterisk Asterisk 1.2.27 Asterisk Asterisk 1.2.27 Asterisk Asterisk 1.2.26 Asterisk Asterisk 1.2.25 Asterisk Asterisk 1.2.24 Asterisk Asterisk 1.2.23 Asterisk Asterisk 1.2.22 Asterisk Asterisk 1.2.21 Asterisk Asterisk 1.2.19 Asterisk Asterisk 1.2.18 Asterisk Asterisk 1.2.17 Asterisk Asterisk 1.2.16 Asterisk Asterisk 1.2.15 Asterisk Asterisk 1.2.14 Asterisk Asterisk 1.2.13 Asterisk Asterisk 1.2.11 Asterisk Asterisk 1.2.11 Asterisk Asterisk 1.2.10 Asterisk Asterisk 1.2.9 Asterisk Asterisk 1.2.8 Asterisk Asterisk 1.2.7 Asterisk Asterisk 1.2.6 Asterisk Asterisk 1.2.5 Asterisk Asterisk 1.2 .0beta2 Asterisk Asterisk 1.2 .0beta1 Asterisk Asterisk 1.6 Asterisk Asterisk 1.4 revision 95946 Asterisk Asterisk 1.4 Beta
Not Vulnerable	Asterisk s800i Appliance 1.3 3 Asterisk Asterisk Business Edition C.3.1 1 Asterisk Asterisk Business Edition C.2.4.3 Asterisk Asterisk Business Edition B.2.5.10 Asterisk Asterisk 1.6.1 6 Asterisk Asterisk 1.6 15 Asterisk Asterisk 1.4.26 2 Asterisk Asterisk 1.2.35
Code	An attacker can carry out this attack by sending a large number of call messages using a client application.
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-16 Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities
2009-12-16 Merkaartor Insecure Temporary File Creation Vulnerability
2009-12-15 TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability
2009-12-15 PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
2009-12-15 PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
2009-12-15 IBM DB2 prior to 9.5 Fix Pack 5 Multiple Unspecified Security Vulnerabilities
2009-12-15 Sun Ray Server Software Desktop Session Handling Local Security Bypass Vulnerability
2009-12-15 Mozilla Firefox Sage Extension RSS Feeds Cross Domain Scripting Vulnerability
2009-12-15 Adobe Reader and Acrobat (CVE-2009-4324) Remote Code Execution Vulnerability
2009-12-14 Microsoft Protected Extensible Authentication Protocol Authentication Bypass Vulnerability