CVE-2012-3553
Published 2012-06-19
Priority: P4 · 14 · medium · 4 · CVSS 2.0
AV:N/AC:L/Au:S/C:N/I:N/A:P
EPSS: 1.73% (74.7th percentile)
chan_skinny.c in the Skinny (aka SCCP) channel driver in Asterisk Open Source 10.x before 10.5.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by sending a Station Key Pad Button message and closing a connection in off-hook mode, a related issue to CVE-2012-2948.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
CVSS provenance
nvd · v2.0 · 4.0 · MEDIUM · AV:N/AC:L/Au:S/C:N/I:N/A:P
vendor_debian · 4.0 · LOW
Debian
CVE-2012-3553: asterisk - chan_skinny.c in the Skinny (aka SCCP) channel driver in Asterisk Open Source 10...
vendor_debian·2012·CVSS 4.0
Scope: local
bullseye: resolved
sid: resolved
GHSA
GHSA-9mqv-jvm5-5mv6: chan_skinny
ghsa_unreviewed·2022-05-17·CVSS 4.0
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2012-3553 asterisk: skinny channel driver remote crash vulnerability
bugzilla·2012-06-16·CVSS 4.0
AST-2012-008 previously dealt with a denial of service attack exploitable in the Skinny channel driver that occurred when certain messages are sent after a previously registered station sends an Off Hook message. Unresolved in that patch is an issue in the Asterisk 10 releases, wherein, if a Station Key Pad Button Message is processed after an Off Hook message, the channel driver will inappropriately dereference a Null pointer.
Similar to AST-2012-008, a remote attacker with a valid SCCP ID can use this vulnerability by closing a connection to the Asterisk server when a station is in the "Off Hook" call state and crash the server.
This only affects version 10, and is fixed in 10.5.1.
References:
http://downlo
Bugzilla
CVE-2012-3553 asterisk: skinny channel driver remote crash vulnerability [fedora-17]
bugzilla·2012-06-16·CVSS 4.0
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_