DEBIAN-CVE-2012-0885

Source
https://security-tracker.debian.org/tracker/CVE-2012-0885
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2012-0885.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2012-0885
Upstream
Published
2012-01-25T15:55:01.190Z
Modified
2026-07-13T06:00:16.724907405Z
Summary
[none]
Details

chansip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the ressrtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple.

References

Affected packages

Debian:11 / asterisk

Package

Name
asterisk
Purl
pkg:deb/debian/asterisk?arch=source&distro=bullseye

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.8.2~dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2012-0885.json"

Debian:14 / asterisk

Package

Name
asterisk
Purl
pkg:deb/debian/asterisk?arch=source&distro=forky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.8.2~dfsg-1

Affected versions

0.*
0.1.11-3
0.1.11-3woody1
1:1.*
1:1.0.5-2
1:1.0.5-4
1:1.0.6-1
1:1.0.6-2
1:1.0.7-1
1:1.0.7.dfsg.1-1
1:1.0.7.dfsg.1-2
1:1.0.7.dfsg.1-2sarge1
1:1.0.7.dfsg.1-2sarge2
1:1.0.7.dfsg.1-2sarge3
1:1.0.7.dfsg.1-2sarge4
1:1.0.7.dfsg.1-2sarge5
1:1.0.7.dfsg.1-2sarge6
1:1.0.9.dfsg-1
1:1.0.9.dfsg-3
1:1.0.9.dfsg-4
1:1.0.9.dfsg-5
1:1.0.9.dfsg-6
1:1.2.0-beta1.dfsg-1
1:1.2.0-beta2.dfsg-1
1:1.2.0-beta2.dfsg-2
1:1.2.0-beta2.dfsg-3
1:1.2.0-rc1.dfsg-1
1:1.2.0-rc2.dfsg-1
1:1.2.0.dfsg-1
1:1.2.0.dfsg-2
1:1.2.0.dfsg-3
1:1.2.0.dfsg-4
1:1.2.0.dfsg-5
1:1.2.0.dfsg-6
1:1.2.1.dfsg-1
1:1.2.1.dfsg-2
1:1.2.1.dfsg-3
1:1.2.4.dfsg-1
1:1.2.4.dfsg-2
1:1.2.4.dfsg-3
1:1.2.4.dfsg-4
1:1.2.4.dfsg-5
1:1.2.4.dfsg-6
1:1.2.4.dfsg-6+b1
1:1.2.4.dfsg-7
1:1.2.7.1.dfsg-1
1:1.2.7.1.dfsg-2
1:1.2.7.1.dfsg-3
1:1.2.9.1.dfsg-1
1:1.2.10.dfsg-1
1:1.2.10.dfsg-1bpo1
1:1.2.10.dfsg-2
1:1.2.10.dfsg-3
1:1.2.11.dfsg-1
1:1.2.12.1.dfsg-1
1:1.2.13~dfsg-1
1:1.2.13~dfsg-2
1:1.2.13~dfsg-2etch1
1:1.2.13~dfsg-2etch2
1:1.2.13~dfsg-2etch3
1:1.2.13~dfsg-2etch4
1:1.2.14~dfsg-1
1:1.2.14~dfsg-2
1:1.2.14~dfsg-3
1:1.2.14~dfsg-4
1:1.2.15~dfsg-1
1:1.2.16~dfsg-1
1:1.2.17~dfsg-1
1:1.4.2~dfsg-1
1:1.4.2~dfsg-2
1:1.4.2~dfsg-3
1:1.4.2~dfsg-4
1:1.4.2~dfsg-5
1:1.4.3~dfsg-1
1:1.4.4~dfsg-1
1:1.4.4~dfsg-2
1:1.4.4~dfsg-3
1:1.4.5~dfsg-1
1:1.4.6~dfsg-1
1:1.4.8~dfsg-1
1:1.4.8~dfsg-2
1:1.4.9~dfsg-1
1:1.4.10~dfsg-1
1:1.4.11~dfsg-1
1:1.4.11~dfsg-2
1:1.4.11~dfsg-3
1:1.4.11~dfsg-4
1:1.4.13~dfsg-1
1:1.4.15~dfsg-1
1:1.4.16.2~dfsg-1
1:1.4.16.2~dfsg-2
1:1.4.17~dfsg-1
1:1.4.17~dfsg-2
1:1.4.18~dfsg-1
1:1.4.18.1~dfsg-1
1:1.4.19.1~dfsg-1
1:1.4.20~dfsg-1
1:1.4.21.1~dfsg-1
1:1.4.21.2~dfsg-1
1:1.4.21.2~dfsg-2
1:1.4.21.2~dfsg-3
1:1.4.21.2~dfsg-3+lenny1
1:1.4.21.2~dfsg-3+lenny2
1:1.4.21.2~dfsg-3+lenny2.1
1:1.4.21.2~dfsg-3+lenny3
1:1.4.21.2~dfsg-3+lenny5
1:1.4.21.2~dfsg-3+lenny6
1:1.4.21.2~dfsg-3.1
1:1.6.1.0~dfsg~rc3-1
1:1.6.1.0~dfsg-1
1:1.6.2.0~dfsg~beta3-1
1:1.6.2.0~dfsg~rc1-1
1:1.6.2.0~rc3-1
1:1.6.2.0~rc3-2
1:1.6.2.0~rc6-1
1:1.6.2.0~rc7-1
1:1.6.2.0-1
1:1.6.2.2-1
1:1.6.2.6-1
1:1.6.2.7-1
1:1.6.2.9-1~bpo50+1
1:1.6.2.9-1~bpo50+2
1:1.6.2.9-1~bpo50+3
1:1.6.2.9-1
1:1.6.2.9-2
1:1.6.2.9-2+squeeze1
1:1.6.2.9-2+squeeze2
1:1.6.2.9-2+squeeze3
1:1.6.2.9-2+squeeze4
1:1.6.2.9-2+squeeze5
1:1.6.2.9-2+squeeze6
1:1.6.2.9-2+squeeze7
1:1.6.2.9-2+squeeze8
1:1.6.2.9-2+squeeze9
1:1.6.2.9-2+squeeze10
1:1.6.2.9-2+squeeze11
1:1.6.2.9-2+squeeze12
1:1.8.3.3-1
1:1.8.4-1
1:1.8.4.2-1
1:1.8.4.3-1
1:1.8.4.4~dfsg-1
1:1.8.4.4~dfsg-2
1:1.8.7.1~dfsg-1
1:1.8.7.1~dfsg-2
1:1.8.7.1~dfsg-3
1:1.8.8.0~dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2012-0885.json"