EUVD-2017-18307

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Security flaw in PJSIP allows remote denial of service via crafted SIP packets in Asterisk versions.

Reporter	Title	Published	Views	Family All 16
CNVD	Multiple Asterisk Products 'PJSIP Transaction Layer' Heap Buffer Overflow Vulnerability	26 May 201700:00	–	cnvd
CVE	CVE-2017-9372	2 Jun 201714:00	–	cve
Cvelist	CVE-2017-9372	2 Jun 201714:00	–	cvelist
Debian	[SECURITY] [DSA 3933-1] pjproject security update	10 Aug 201718:41	–	debian
Debian CVE	CVE-2017-9372	2 Jun 201714:00	–	debiancve
Tenable Nessus	Debian DSA-3933-1 : pjproject - security update	11 Aug 201700:00	–	nessus
Mageia	Updated pjproject packages fix security vulnerabilities	13 Oct 201719:33	–	mageia
NVD	CVE-2017-9372	2 Jun 201714:29	–	nvd
OpenVAS	Asterisk Multiple DoS Vulnerabilities (May 2017)	23 May 201700:00	–	openvas
OpenVAS	Debian: Security Advisory (DSA-3933-1)	9 Aug 201700:00	–	openvas

[
  {
    "enisaIdVendor": [
      {
        "id": "c38634b0-9f83-3460-b0b2-b0f3d3fbe74e",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "e0f277d5-9e3c-314c-bcfe-da7f0e559ffe",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
debian	www.debian.org/security/2017/dsa-3933
advisories	www.advisories.mageia.org/CVE-2017-9372.html
bugs	www.bugs.debian.org/863901
downloads	www.downloads.asterisk.org/pub/security/AST-2017-002.txt
securityfocus	www.securityfocus.com/bid/98572
debian	www.debian.org/security/2017/dsa-3933
securitytracker	www.securitytracker.com/id/1038529
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

7.4High risk

Vulners AI Score7.4

CVSS 37.5

CVSS 25

EPSS0.03658