Asterisk 安全漏洞

Asterisk is an Asterisk open source software for PBX systems that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. Asterisk has a security vulnerability that stems from improper authentication of SIP MESSAGE requests, which could lead to identity forgery and spamming...

The vulnerability of the PJSIP_HEADER() function in Asterisk IP telephony management systems and Certified Asterisk versions allows attackers to trigger a service failure.

The vulnerability of the PJSIPHEADER function in Asterisk IP telephony systems and Certified Asterisk is related to the operation of writing data beyond the buffer in memory when processing the update argument. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the PJSIP driver of the Asterisk IP-telephony system allows a hacker to trigger a service failure.

The vulnerability of the PJSIP driver of the Asterisk IP-telephony system is related to the improper handling of repeated INVITES after sending a BYE request. Exploiting this vulnerability allows an attacker who operates remotely to cause service failure...