CVE-2007-4455 — Asterisk vulnerability
4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
5.2%
top 10.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 22
Latest updateMay 1
Description
The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before 1.4.11, AsteriskNOW before beta7, Asterisk Appliance Developer Kit 0.x before 0.8.0, and s800i (Asterisk Appliance) 1.x before 1.0.3 allows remote attackers to cause a denial of service (memory exhaustion) via a SIP dialog that causes a large number of history entries to be created.
CVSS vector
AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9
Affected Packages5 packages
🔴Vulnerability Details
2📋Vendor Advisories
1Debian▶
CVE-2007-4455: asterisk - The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before 1.4.11, A...↗2007