CVE-2015-1558

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2015-1558

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2015-1558.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2015-1558

Downstream

DEBIAN-CVE-2015-1558

UBUNTU-CVE-2015-1558

Published

2015-02-09T11:59:00Z

Modified

2026-04-10T03:45:07.964307Z

Summary

[none]

Details

Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service (file descriptor consumption) via an SDP offer containing only incompatible codecs.

References

http://downloads.asterisk.org/pub/security/AST-2015-001.html
http://seclists.org/fulldisclosure/2015/Jan/116
http://www.securityfocus.com/archive/1/534573/100/0/threaded
http://www.securitytracker.com/id/1031661

CVE-2015-1558

Affected packages