Unrated severityNVD Advisory· Published Jan 8, 2008· Updated Apr 23, 2026
CVE-2008-0095
CVE-2008-0095
Description
The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference.
Affected products
5- cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:*:*:*:*:*:*:*:*Range: <=1.4_revision_95945
- cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*Range: <=c.1.0beta7
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- bugs.digium.com/view.phpnvdPatch
- downloads.digium.com/pub/security/AST-2008-001.htmlnvdPatch
- secunia.com/advisories/28312nvdPatchVendor Advisory
- www.securityfocus.com/bid/27110nvdExploitPatch
- secunia.com/advisories/28299nvd
- securityreason.com/securityalert/3520nvd
- www.securityfocus.com/archive/1/485727/100/0/threadednvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2008/0019nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/39361nvd
- www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-January/msg00167.htmlnvd
News mentions
0No linked articles in our index yet.