asterisk -- Buffer overflow in pjproject header parsing can cause crash in Asterisk

ID 19B052C9-C533-11E7-8DA5-001999F8D30B
Type freebsd
Reporter FreeBSD
Modified 2017-11-15T00:00:00


The Asterisk project reports:

By carefully crafting invalid values in the Cseq and the Via header port, pjprojects packet parsing code can create strings larger than the buffer allocated to hold them. This will usually cause Asterisk to crash immediately. The packets do not have to be authenticated.