Linux Distros Unpatched Vulnerability : CVE-2023-37457

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as...

The vulnerability of the PJSIP_HEADER() function in Asterisk IP telephony management systems and Certified Asterisk versions allows attackers to trigger a service failure.

The vulnerability of the PJSIPHEADER function in Asterisk IP telephony systems and Certified Asterisk is related to the operation of writing data beyond the buffer in memory when processing the update argument. Exploiting this vulnerability can allow a malicious actor to cause service failures...

Asterisk 安全漏洞

Asterisk is a software for PBX systems that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. Asterisk suffers from a buffer overflow vulnerability, which stems from the "update" function of the PJSIPHEADER dialplan function that may exceed the available buffer space for...

PT-2023-7750 · Sangoma +2 · Asterisk +3

Name of the Vulnerable Software and Affected Versions: Asterisk versions 18.20.0 and prior Asterisk versions 20.5.0 and prior Asterisk version 21.0.0 certified-asterisk versions 18.9-cert5 and prior Description: The issue is related to the PJSIP HEADER dialplan function in Asterisk, where the...