61 matches found
MGASA-2021-0559 Updated pjproject packages fix security vulnerability
Updated pjproject packages fix security vulnerability: In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and destroy, due to the accepted socket having no group lock. Second, the SSL socket parent/ listener may get...
Updated pjproject packages fix security vulnerability
Updated pjproject packages fix security vulnerability: In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and destroy, due to the accepted socket having no group lock. Second, the SSL socket parent/ listener may get...
FreeBSD : pjsip -- Race condition in SSL socket server (92ad12b8-ec09-11eb-aef1-0897988a1c07)
pjsip reports : There are a couple of issues found in the SSL socket : - A race condition between callback and destroy, due to the accepted socket having no group lock. - SSL socket parent/listener may get destroyed during handshake. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
FreeBSD : asterisk -- pjproject/pjsip: crash when SSL socket destroyed during handshake (53fbffe6-ebf7-11eb-aef1-0897988a1c07)
The Asterisk project reports : Depending on the timing, it's possible for Asterisk to crash when using a TLS connection if the underlying socket parent/listener gets destroyed during the handshake. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...
CVE-2021-32686
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback a...
DEBIAN-CVE-2021-32686
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback a...
CVE-2021-32686
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback a...
Race condition
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback a...
CVE-2021-32686
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback a...
UBUNTU-CVE-2021-32686
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback a...
CVE-2021-32686
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback a...
CVE-2021-32686 Denial of Service in PJSIP
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback a...
CVE-2021-32686
CVE-2021-32686 affects the PJSIP pjproject library prior to 2.11.1. The issue is a race condition in the SSL socket: (1) the accepted socket lacks a group lock, causing a race between callback and destroy, and (2) the SSL socket parent/listener may be destroyed during TLS handshake. These intermi...
pjsip -- Race condition in SSL socket server
pjsip reports: There are a couple of issues found in the SSL socket: A race condition between callback and destroy, due to the accepted socket having no group lock. SSL socket parent/listener may get destroyed during handshake...
CVE-2021-32686
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback a...
CVE-2014-3230
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the 1 HTTPSCADIR or 2 HTTPSCAFILE environment variable...
CVE-2014-3230
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the 1 HTTPSCADIR or 2 HTTPSCAFILE environment variable...
openSUSE Security Update : mozilla-nss (openSUSE-2017-504)
Mozilla-nss was updated to 3.28.4 to fix the following issues : Security issues : - CVE-2016-9574: Allow use of session tickets when there is no ticket wrapping key boo1015499, bmo1320695 Non security issues : - A rare crash when initializing an SSL socket fails has been fixed bmo1342358 - Rare...
Dolphin Jetpack - Fast & Flash - Customized SSL, Dangerous filesystem permissions, Insecure SSL socket vulnerabilities
HackApp vulnerability scanner discovered that application Dolphin Jetpack - Fast & Flash published at the 'play' market has multiple vulnerabilities...
Security update for java-1_7_0-openjdk (important)
This update for java-170-openjdk fixes the following issues: - Update to 2.6.7 - OpenJDK 7u111 Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking bsc989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only bsc989734 - S8147771: Construction of static protection domai...