Vulnerabilities > CVE-2003-0761 - Remote Security vulnerability in Digium Asterisk 1.2.13

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

digium

NVD

Published: 2003-09-17

Updated: 2008-09-05

Summary

Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests.

Vulnerable Configurations

Part	Description	Count
Application	Digium Digium Asterisk 1.2.13	1

References

http://www.atstake.com/research/advisories/2003/a090403-1.txt