Candidate: CVE-2011-4063
PublicDate: 2011-10-21 10:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4063
Description:
 chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before
 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables
 during request parsing, which allows remote authenticated users to cause a
 denial of service (daemon crash) via a malformed request.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_asterisk:
 upstream: http://downloads.asterisk.org/pub/security/AST-2011-012.html
upstream_asterisk: released (1.8.7.1, 10.0.0-rc1)
hardy_asterisk: ignored (reached end-of-life)
lucid_asterisk: not-affected
maverick_asterisk: not-affected
natty_asterisk: not-affected (1:1.6.2.9-2ubuntu2.1)
oneiric_asterisk: ignored (reached end-of-life)
precise_asterisk: not-affected (1:1.8.10.1~dfsg-1ubuntu1)
quantal_asterisk: not-affected
raring_asterisk: not-affected
devel_asterisk: not-affected