CVE-2011-1175

Medium

5/10

Summary

tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by establishing many short TCP sessions to services that use a certain TLS API.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: NONE
Availability Impact: PARTIAL

References

Advisory Timeline

Published Mar 31, 2011

CVE-2011-1175

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS