Vulnerabilities > CVE-2007-4280 - Unspecified vulnerability in Asterisk products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

asterisk

NVD

Published: 2007-08-09

Updated: 2024-11-21

Summary

The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, AsteriskNOW before beta7, Appliance Developer Kit before 0.7.0, and Appliance s800i before 1.0.3 allows remote authenticated users to cause a denial of service (application crash) via a CAPABILITIES_RES_MESSAGE packet with a capabilities count larger than the capabilities_res_message array population.

Vulnerable Configurations

Part	Description	Count
Application	Asterisk Asterisk S800I * Asterisk Asterisk * Asterisk Asterisk Appliance Developer KIT * Asterisk Asterisknow *	4

References

http://downloads.digium.com/pub/asa/ASA-2007-019.pdf
http://downloads.digium.com/pub/asa/ASA-2007-019.pdf
http://secunia.com/advisories/26340
http://secunia.com/advisories/26340
http://www.securityfocus.com/bid/25228
http://www.securityfocus.com/bid/25228
http://www.securitytracker.com/id?1018536
http://www.securitytracker.com/id?1018536
http://www.vupen.com/english/advisories/2007/2808
http://www.vupen.com/english/advisories/2007/2808
https://exchange.xforce.ibmcloud.com/vulnerabilities/35870
https://exchange.xforce.ibmcloud.com/vulnerabilities/35870