Lucene search
K

120 matches found

UbuntuCve
UbuntuCve
added 2019/03/28 5:29 p.m.26 views

CVE-2019-7251

An Integer Signedness issue for a return code in the respjsipsdprtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation...

6.5CVSS6.7AI score0.03811EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2019/03/28 4:18 p.m.21 views

CVE-2019-7251

An Integer Signedness issue for a return code in the respjsipsdprtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation...

6.5CVSS6.3AI score0.03811EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2019/03/28 4:18 p.m.33 views

CVE-2019-7251

An Integer Signedness issue for a return code in the respjsipsdprtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation...

6.5CVSS6.2AI score0.03811EPSS
Exploits0
CVE
CVE
added 2019/03/28 4:18 p.m.109 views

CVE-2019-7251

CVE-2019-7251 affects the Digium Asterisk project, specifically the res_pjsip_sdp_rtp module. The vulnerability is described as an Integer Signedness issue for a return code in Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier, which could allow remote authenticated users to crash Aster...

6.5CVSS6AI score0.03811EPSS
Exploits0References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2019/01/17 12:0 a.m.5 views

Digium Asterisk Denial of Service (CVE-2018-7286)

A denial of service vulnerability exists in Digium Asterisk. The vulnerability is due to improper handling of prematurely closed TCP connections after a SIP INVITE request. Successful exploitation could result in denial of service conditions on the target service...

4CVSS1.8AI score0.38858EPSS
Exploits5
Check Point Advisories
Check Point Advisories
added 2019/01/16 12:0 a.m.4 views

Digium Asterisk Denial of Service (CVE-2018-7285)

A denial of service vulnerability exists in Digium Asterisk. The vulnerability is due to improper handling of RTP packets. Successful exploitation of this vulnerability may result in a denial of service condition on the target service...

5CVSS2AI score0.05132EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2019/01/13 12:0 a.m.3 views

Digium Asterisk WebSocket Denial of Service (CVE-2018-7287)

A denial-of-service vulnerability exists in Digium Asterisk. The vulnerability is due to improper handling of WebSocket payloads. Successful exploitation would result in a crash of the server process leading to denial of service...

4.3CVSS2.2AI score0.11665EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/11/15 12:0 a.m.51 views

Asterisk DoS Vulnerability (AST-2018-010)

Asterisk is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"; if...

7.5CVSS7.5AI score0.03579EPSS
Exploits1References1
Prion
Prion
added 2018/11/14 8:29 p.m.18 views

Buffer overflow

Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed...

5CVSS7.7AI score0.03579EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2018/11/14 8:29 p.m.16 views

CVE-2018-19278

Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed...

7.5CVSS7.7AI score0.03579EPSS
Exploits1References2
OSV
OSV
added 2018/11/14 8:29 p.m.14 views

CVE-2018-19278

Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed...

7.5CVSS7.4AI score
Exploits0References2
Debian CVE
Debian CVE
added 2018/11/14 8:0 p.m.20 views

CVE-2018-19278

Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed...

7.5CVSS7.8AI score0.03579EPSS
Exploits1
CVE
CVE
added 2018/11/14 8:0 p.m.84 views

CVE-2018-19278

CVE-2018-19278 affects Digium Asterisk 15.x (before 15.6.2) and 16.x (before 16.0.1). The issue is a buffer overflow in DNS SRV and NAPTR lookups, caused by a mismatch between the buffer size and the compressed vs expanded length, which can be triggered by specially crafted DNS responses and may ...

7.5CVSS7.7AI score0.03579EPSS
Exploits1References2Affected Software1
AlpineLinux
AlpineLinux
added 2018/11/14 8:0 p.m.35 views

CVE-2018-19278

Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed...

7.5CVSS7.8AI score0.03579EPSS
Exploits1
Cvelist
Cvelist
added 2018/11/14 8:0 p.m.20 views

CVE-2018-19278

Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed...

7.7AI score0.03579EPSS
Exploits1References2
CNVD
CNVD
added 2018/06/14 12:0 a.m.2 views

Digium Asterisk Open Source and Certified Asterisk Information Disclosure Vulnerabilities

Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange PBX system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response IVR. A security vulnerability exists in Digium...

5.3CVSS5.6AI score0.03532EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/06/13 12:0 a.m.63 views

Asterisk Information Disclosure Vulnerability (AST-2018-008)

Asterisk is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"; i...

5.3CVSS5.4AI score0.03532EPSS
Exploits0References2
CNVD
CNVD
added 2018/02/23 12:0 a.m.3 views

Digium Asterisk Open Source and Certified Asterisk Authentication Vulnerabilities

Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange PBX system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response IVR. An authentication vulnerability exists in...

7.5CVSS7AI score0.05132EPSS
Exploits0References1
CNVD
CNVD
added 2018/02/22 12:0 a.m.2 views

Digium Asterisk Open Source and Certified Asterisk Buffer Overflow Vulnerabilities

Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange PBX system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response IVR. A buffer overflow vulnerability exists in...

7.5CVSS7.1AI score0.58284EPSS
Exploits5References1
Check Point Advisories
Check Point Advisories
added 2018/01/09 12:0 a.m.5 views

Digium Asterisk chan_skinny SCCP session Denial of Service (CVE-2017-17090)

A denial of service vulnerability exists in Digium Asterisk. The vulnerability is due to a processing flaw in the chanskinny SCCP packet processing module. A remote unauthenticated attacker can exploit this vulnerability by sending a flood of certain requests to asterisk and exhaust available...

5CVSS3.9AI score0.81511EPSS
Exploits4
Rows per page
Query Builder