PROTOCOL-VOIP -- Snort has detected traffic that may indicate the presence of the VOIP protocol or vulnerabilities in the VOIP protocol on the network.
PROTOCOL-VOIP Digium Asterisk SCCP capabilities response message capabilities count overflow attempt
The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, AsteriskNOW before beta7, Appliance Developer Kit before 0.7.0, and Appliance s800i before 1.0.3 allows remote authenticated users to cause a denial of service (application crash) via a CAPABILITIES_RES_MESSAGE packet with a capabilities count larger than the capabilities_res_message array population. Impact: CVSS base score 3.5 CVSS impact score 2.9 CVSS exploitability score 6.8 confidentialityImpact NONE integrityImpact NONE availabilityImpact NONE Details: Ease of Attack:
No information provided
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
No rule groups
CVE-2007-4280 |
Loading description
|