CVE-2014-4048
The PJSIP Channel Driver in Asterisk Open Source before 12.3.1 allows remote attackers to cause a denial of service (deadlock) by terminating a subscription request before it is complete, which triggers a SIP transaction timeout.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0164 (1.6%)
Percentil: 82.0%
EPSS: 2026-05-06
Afecta
digium:asteriskDescripción técnica
The PJSIP Channel Driver in Asterisk Open Source before 12.3.1 allows remote attackers to cause a denial of service (deadlock) by terminating a subscription request before it is complete, which triggers a SIP transaction timeout.
Publicada: 17/6/2014, 14:55:08
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://downloads.asterisk.org/pub/security/AST-2014-008.html
- http://packetstormsecurity.com/files/127090/Asterisk-Project-Security-Advisory-AST-2014-008.html
- http://www.securityfocus.com/archive/1/532416/100/0/threaded
- http://downloads.asterisk.org/pub/security/AST-2014-008.html
- http://packetstormsecurity.com/files/127090/Asterisk-Project-Security-Advisory-AST-2014-008.html
- http://www.securityfocus.com/archive/1/532416/100/0/threaded