Candidate: CVE-2012-0885
PublicDate: 2012-01-25 15:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0885
Description:
 chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before
 10.0.1, when the res_srtp module is used and media support is improperly
 configured, allows remote attackers to cause a denial of service (NULL
 pointer dereference and daemon crash) via a crafted SDP message with a
 crypto attribute and a (1) video or (2) text media type, as demonstrated by
 CSipSimple.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_asterisk:
upstream_asterisk: released (1:1.8.8.2~dfsg-1)
hardy_asterisk: not-affected
lucid_asterisk: not-affected
maverick_asterisk: not-affected
natty_asterisk: not-affected (1:1.6.2.9-2ubuntu2.1)
oneiric_asterisk: ignored (reached end-of-life)
precise_asterisk: not-affected (1:1.8.10.1~dfsg-1ubuntu1)
quantal_asterisk: not-affected
raring_asterisk: not-affected
devel_asterisk: not-affected