Launchpad CVE tracker

CVE 2013-2686

main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which allows remote attackers to conduct stack-consumption attacks and cause a denial of service (daemon crash) via a crafted HTTP POST request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-5976.

Related bugs and status

CVE-2013-2686 (Candidate) is related to these bugs:

Bug #1097687: (CVE-2012-5976) AST-2012-014 Crashes due to large stack allocations when using TCP

Summary				In	Importance	Status
	1097687	(CVE-2012-5976) AST-2012-014 Crashes due to large stack allocations when using TCP		asterisk (Ubuntu)	Undecided	Fix Released
	1097687	(CVE-2012-5976) AST-2012-014 Crashes due to large stack allocations when using TCP		asterisk (Debian)	Unknown	Fix Released

Bug #1097691: (CVE-2012-5977) AST-2012-015 Denial of Service Through Exploitation of Device State Caching

Summary				In	Importance	Status
	1097691	(CVE-2012-5977) AST-2012-015 Denial of Service Through Exploitation of Device State Caching		asterisk (Ubuntu)	Undecided	Fix Released
	1097691	(CVE-2012-5977) AST-2012-015 Denial of Service Through Exploitation of Device State Caching		asterisk (Debian)	Unknown	Fix Released

Bug #1205644: Merge asterisk 1:1.8.13.1~dfsg-3 (universe) from Debian unstable (main)

Summary				In	Importance	Status
	1205644	Merge asterisk 1:1.8.13.1~dfsg-3 (universe) from Debian unstable (main)		asterisk (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-2686

References