asterisk -- Buffer overflow in pjproject header parsing can cause crash in Asterisk
Published: 2017-10-05T00:00:00
ID: 19B052C9-C533-11E7-8DA5-001999F8D30B
Type: freebsd
Reporter: FreeBSD
Modified: 2017-11-15T00:00:00
Description
The Asterisk project reports:
By carefully crafting invalid values in the CSeq and
the Via header port, pjproject's packet parsing code can
create strings larger than the buffer allocated to hold
them. This will usually cause Asterisk to crash immediately.
The packets do not have to be authenticated.
{"id": "19B052C9-C533-11E7-8DA5-001999F8D30B", "vendorId": null, "type": "freebsd", "bulletinFamily": "unix", "title": "asterisk -- Buffer overflow in pjproject header parsing can cause crash in Asterisk", "description": "\n\nThe Asterisk project reports:\n\nBy carefully crafting invalid values in the Cseq and\n\t the Via header port, pjprojects packet parsing code can\n\t create strings larger than the buffer allocated to hold\n\t them. This will usually cause Asterisk to crash immediately.\n\t The packets do not have to be authenticated.\n\n\n", "published": "2017-10-05T00:00:00", "modified": "2017-11-15T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://vuxml.freebsd.org/freebsd/19b052c9-c533-11e7-8da5-001999f8d30b.html", "reporter": "FreeBSD", "references": ["https://downloads.asterisk.org/pub/security/AST-2017-009.html"], "cvelist": [], "immutableFields": [], "lastseen": "2022-01-19T15:51:31", "viewCount": 5, "enchantments": {"score": {"value": 3.9, "vector": "NONE"}, "dependencies": {"references": [{"type": "nessus", "idList": ["FREEBSD_PKG_19B052C9C53311E78DA5001999F8D30B.NASL"]}], "rev": 4}, "backreferences": {}, "exploitation": null, "vulnersScore": 3.9}, "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "packageVersion": "13.18.1", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "asterisk13"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "packageVersion": "2.7.1", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "pjsip"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "packageVersion": "2.7.1", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "pjsip-extsrtp"}], "_state": {"dependencies": 1647761411}}