CVE-2009-4055 - OpenCVE

rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before 1.4.27.1, 1.6.0.x before 1.6.0.19, and 1.6.1.x before 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x before 1.3.0.6 allows remote attackers to cause a denial of service (daemon crash) via an RTP comfort noise payload with a long data length.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Digium	Asterisk S800i

Configuration 1 [-]

OR	cpe:2.3:a:digium:asterisk:1.2.0:::::::*
	cpe:2.3:a:digium:asterisk:1.2.0:beta1::::::
	cpe:2.3:a:digium:asterisk:1.2.0:beta2::::::
	cpe:2.3:a:digium:asterisk:1.2.0:rc1::::::
	cpe:2.3:a:digium:asterisk:1.2.0:rc2::::::
	cpe:2.3:a:digium:asterisk:1.2.1:::::::*
	cpe:2.3:a:digium:asterisk:1.2.2:::::::*
	cpe:2.3:a:digium:asterisk:1.2.2:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.3:::::::*
	cpe:2.3:a:digium:asterisk:1.2.3:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.10:::::::*
	cpe:2.3:a:digium:asterisk:1.2.10:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.11:::::::*
	cpe:2.3:a:digium:asterisk:1.2.11:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.12:::::::*
	cpe:2.3:a:digium:asterisk:1.2.12:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.12.1:::::::*
	cpe:2.3:a:digium:asterisk:1.2.12.1:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.13:::::::*
	cpe:2.3:a:digium:asterisk:1.2.13:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.14:::::::*
	cpe:2.3:a:digium:asterisk:1.2.15:::::::*
	cpe:2.3:a:digium:asterisk:1.2.15:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.16:::::::*
	cpe:2.3:a:digium:asterisk:1.2.16:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.17:::::::*
	cpe:2.3:a:digium:asterisk:1.2.17:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.18:::::::*
	cpe:2.3:a:digium:asterisk:1.2.18:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.19:::::::*
	cpe:2.3:a:digium:asterisk:1.2.19:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.20:::::::*
	cpe:2.3:a:digium:asterisk:1.2.20:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.21:::::::*
	cpe:2.3:a:digium:asterisk:1.2.21:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.21.1:::::::*
	cpe:2.3:a:digium:asterisk:1.2.21.1:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.22:::::::*
	cpe:2.3:a:digium:asterisk:1.2.22:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.23:::::::*
	cpe:2.3:a:digium:asterisk:1.2.23:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.24:::::::*
	cpe:2.3:a:digium:asterisk:1.2.24:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.25:::::::*
	cpe:2.3:a:digium:asterisk:1.2.25:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.26:::::::*
	cpe:2.3:a:digium:asterisk:1.2.26:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.26.1:::::::*
	cpe:2.3:a:digium:asterisk:1.2.26.1:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.26.2:::::::*
	cpe:2.3:a:digium:asterisk:1.2.26.2:netsec::::::
	cpe:2.3:a:digium:asterisk:1.2.27:::::::*
	cpe:2.3:a:digium:asterisk:1.2.28:::::::*
	cpe:2.3:a:digium:asterisk:1.2.28.1:::::::*
	cpe:2.3:a:digium:asterisk:1.2.29:::::::*
	cpe:2.3:a:digium:asterisk:1.2.30:::::::*
	cpe:2.3:a:digium:asterisk:1.2.30.1:::::::*
	cpe:2.3:a:digium:asterisk:1.2.30.2:::::::*
	cpe:2.3:a:digium:asterisk:1.2.30.3:::::::*
	cpe:2.3:a:digium:asterisk:1.2.30.4:::::::*
	cpe:2.3:a:digium:asterisk:1.2.31:::::::*
	cpe:2.3:a:digium:asterisk:1.2.31.1:::::::*
	cpe:2.3:a:digium:asterisk:1.2.32:::::::*
	cpe:2.3:a:digium:asterisk:1.2.33:::::::*
cpe:2.3:a:digium:asterisk:1.2.34:::::::*
cpe:2.3:a:digium:asterisk:1.2.35:::::::*
cpe:2.3:a:digium:asterisk:1.2.36:::::::*
cpe:2.3:a:digium:asterisk:1.4.0:::::::*
cpe:2.3:a:digium:asterisk:1.4.0:beta1::::::
cpe:2.3:a:digium:asterisk:1.4.0:beta2::::::
cpe:2.3:a:digium:asterisk:1.4.0:beta3::::::
cpe:2.3:a:digium:asterisk:1.4.0:beta4::::::
cpe:2.3:a:digium:asterisk:1.4.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.2:::::::*
cpe:2.3:a:digium:asterisk:1.4.3:::::::*
cpe:2.3:a:digium:asterisk:1.4.4:::::::*
cpe:2.3:a:digium:asterisk:1.4.5:::::::*
cpe:2.3:a:digium:asterisk:1.4.6:::::::*
cpe:2.3:a:digium:asterisk:1.4.7:::::::*
cpe:2.3:a:digium:asterisk:1.4.7.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.8:::::::*
cpe:2.3:a:digium:asterisk:1.4.9:::::::*
cpe:2.3:a:digium:asterisk:1.4.10:::::::*
cpe:2.3:a:digium:asterisk:1.4.10.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.11:::::::*
cpe:2.3:a:digium:asterisk:1.4.12:::::::*
cpe:2.3:a:digium:asterisk:1.4.12.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.13:::::::*
cpe:2.3:a:digium:asterisk:1.4.14:::::::*
cpe:2.3:a:digium:asterisk:1.4.15:::::::*
cpe:2.3:a:digium:asterisk:1.4.16:::::::*
cpe:2.3:a:digium:asterisk:1.4.16.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.16.2:::::::*
cpe:2.3:a:digium:asterisk:1.4.17:::::::*
cpe:2.3:a:digium:asterisk:1.4.18:::::::*
cpe:2.3:a:digium:asterisk:1.4.19:::::::*
cpe:2.3:a:digium:asterisk:1.4.19:rc1::::::
cpe:2.3:a:digium:asterisk:1.4.19:rc2::::::
cpe:2.3:a:digium:asterisk:1.4.19:rc3::::::
cpe:2.3:a:digium:asterisk:1.4.19:rc4::::::
cpe:2.3:a:digium:asterisk:1.4.19.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.19.2:::::::*
cpe:2.3:a:digium:asterisk:1.4.20:::::::*
cpe:2.3:a:digium:asterisk:1.4.20:rc1::::::
cpe:2.3:a:digium:asterisk:1.4.20:rc2::::::
cpe:2.3:a:digium:asterisk:1.4.20:rc3::::::
cpe:2.3:a:digium:asterisk:1.4.20.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.21:::::::*
cpe:2.3:a:digium:asterisk:1.4.21:rc1::::::
cpe:2.3:a:digium:asterisk:1.4.21:rc2::::::
cpe:2.3:a:digium:asterisk:1.4.21.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.21.2:::::::*
cpe:2.3:a:digium:asterisk:1.4.22:::::::*
cpe:2.3:a:digium:asterisk:1.4.22:rc1::::::
cpe:2.3:a:digium:asterisk:1.4.22:rc2::::::
cpe:2.3:a:digium:asterisk:1.4.22:rc3::::::
cpe:2.3:a:digium:asterisk:1.4.22:rc4::::::
cpe:2.3:a:digium:asterisk:1.4.22:rc5::::::
cpe:2.3:a:digium:asterisk:1.4.22.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.22.2:::::::*
cpe:2.3:a:digium:asterisk:1.4.23:::::::*
cpe:2.3:a:digium:asterisk:1.4.23:rc1::::::
cpe:2.3:a:digium:asterisk:1.4.23:rc2::::::
cpe:2.3:a:digium:asterisk:1.4.23:rc3::::::
cpe:2.3:a:digium:asterisk:1.4.23:rc4::::::
cpe:2.3:a:digium:asterisk:1.4.23.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.23.2:::::::*
cpe:2.3:a:digium:asterisk:1.4.24:::::::*
cpe:2.3:a:digium:asterisk:1.4.24:rc1::::::
cpe:2.3:a:digium:asterisk:1.4.24.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.25:::::::*
cpe:2.3:a:digium:asterisk:1.4.25:rc1::::::
cpe:2.3:a:digium:asterisk:1.4.25.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.26:::::::*
cpe:2.3:a:digium:asterisk:1.4.26:rc1::::::
cpe:2.3:a:digium:asterisk:1.4.26:rc2::::::
cpe:2.3:a:digium:asterisk:1.4.26:rc3::::::
cpe:2.3:a:digium:asterisk:1.4.26:rc4::::::
cpe:2.3:a:digium:asterisk:1.4.26:rc5::::::
cpe:2.3:a:digium:asterisk:1.4.26:rc6::::::
cpe:2.3:a:digium:asterisk:1.4.26.1:::::::*
cpe:2.3:a:digium:asterisk:1.4.26.2:::::::*
cpe:2.3:a:digium:asterisk:1.4.27:::::::*
cpe:2.3:a:digium:asterisk:1.4.27:rc5::::::
cpe:2.3:a:digium:asterisk:1.6.0:::::::*
cpe:2.3:a:digium:asterisk:1.6.0:beta1::::::
cpe:2.3:a:digium:asterisk:1.6.0:beta2::::::
cpe:2.3:a:digium:asterisk:1.6.0:beta3::::::
cpe:2.3:a:digium:asterisk:1.6.0:beta4::::::
cpe:2.3:a:digium:asterisk:1.6.0:beta5::::::
cpe:2.3:a:digium:asterisk:1.6.0:beta6::::::
cpe:2.3:a:digium:asterisk:1.6.0:beta7::::::
cpe:2.3:a:digium:asterisk:1.6.0:beta7.1::::::
cpe:2.3:a:digium:asterisk:1.6.0:beta8::::::
cpe:2.3:a:digium:asterisk:1.6.0:beta9::::::
cpe:2.3:a:digium:asterisk:1.6.0:rc4::::::
cpe:2.3:a:digium:asterisk:1.6.0:rc5::::::
cpe:2.3:a:digium:asterisk:1.6.0:rc6::::::
cpe:2.3:a:digium:asterisk:1.6.0.1:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.2:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.3:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.3:rc1::::::
cpe:2.3:a:digium:asterisk:1.6.0.4:rc1::::::
cpe:2.3:a:digium:asterisk:1.6.0.5:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.6:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.7:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.8:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.9:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.10:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.11:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.11:rc1::::::
cpe:2.3:a:digium:asterisk:1.6.0.11:rc2::::::
cpe:2.3:a:digium:asterisk:1.6.0.14:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.14:rc1::::::
cpe:2.3:a:digium:asterisk:1.6.0.15:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.16:::::::*
cpe:2.3:a:digium:asterisk:1.6.0.16:rc1::::::
cpe:2.3:a:digium:asterisk:1.6.0.16:rc2::::::
cpe:2.3:a:digium:asterisk:1.6.0.18:::::::*
cpe:2.3:a:digium:asterisk:1.6.1.0:::::::*
cpe:2.3:a:digium:asterisk:1.6.1.0:rc2::::::
cpe:2.3:a:digium:asterisk:1.6.1.0:rc3::::::
cpe:2.3:a:digium:asterisk:1.6.1.0:rc4::::::
cpe:2.3:a:digium:asterisk:1.6.1.0:rc5::::::
cpe:2.3:a:digium:asterisk:1.6.1.1:::::::*
cpe:2.3:a:digium:asterisk:1.6.1.2:::::::*
cpe:2.3:a:digium:asterisk:1.6.1.3:rc1::::::
cpe:2.3:a:digium:asterisk:1.6.1.4:::::::*
cpe:2.3:a:digium:asterisk:1.6.1.5:::::::*
cpe:2.3:a:digium:asterisk:1.6.1.5:rc1::::::
cpe:2.3:a:digium:asterisk:1.6.1.6:::::::*
cpe:2.3:a:digium:asterisk:1.6.1.7:rc1::::::
cpe:2.3:a:digium:asterisk:1.6.1.7:rc2::::::
cpe:2.3:a:digium:asterisk:1.6.1.8:::::::*
cpe:2.3:a:digium:asterisk:1.6.1.10:::::::*
cpe:2.3:a:digium:asterisk:1.6.1.10:rc1::::::
cpe:2.3:a:digium:asterisk:1.6.1.10:rc2::::::
cpe:2.3:a:digium:asterisk:1.6.1.10:rc3::::::

Configuration 2 [-]

OR	cpe:2.3:h:digium:s800i:1.3.0:::::::*
	cpe:2.3:h:digium:s800i:1.3.0.2:::::::*
	cpe:2.3:h:digium:s800i:1.3.0.3:::::::*
	cpe:2.3:h:digium:s800i:1.3.0.4:::::::*

Configuration 3 [-]

OR	cpe:2.3:a:digium:asterisk:b:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.1.3.2:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.1.3.3:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.2.2.0:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.2.2.1:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.2.3.1:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.2.3.2:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.2.3.3:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.2.3.4:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.2.3.5:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.2.3.6:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.2.5.0:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.2.5.1:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.2.5.2:-:business:::::*
	cpe:2.3:a:digium:asterisk:b.2.5.3:-:business:::::*
	cpe:2.3:a:digium:asterisk:c:-:business:::::*
	cpe:2.3:a:digium:asterisk:c.2.3:-:business:::::*
	cpe:2.3:a:digium:asterisk:c.3.0:-:business:::::*

No data.

References

Link	Providers
http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt
http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt
http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt
http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt
http://downloads.digium.com/pub/security/AST-2009-010.html
http://secunia.com/advisories/37530
http://secunia.com/advisories/37677
http://secunia.com/advisories/37708
http://securitytracker.com/id?1023249
http://www.debian.org/security/2009/dsa-1952
http://www.osvdb.org/60569
http://www.redhat.com/archives/fedora-package-announce/2009-December/msg00759.html
http://www.securityfocus.com/archive/1/508147/100/0/threaded
http://www.securityfocus.com/bid/37153
http://www.vupen.com/english/advisories/2009/3368
https://exchange.xforce.ibmcloud.com/vulnerabilities/54471
https://issues.asterisk.org/view.php?id=16242

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-12-02T11:00:00

Updated: 2024-08-07T06:45:51.226Z

Reserved: 2009-11-23T00:00:00

Link: CVE-2009-4055

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-12-02T11:30:00.517

Modified: 2018-10-10T19:48:16.067

Link: CVE-2009-4055

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object