The vulnerability of the implementations of DTLS (Datagram Transport Layer Security) and SRTP protocols in Asterisk IP-telephony management systems and Certified Asterisk allows a attacker to induce a service failure.

The vulnerability of DTLS and SRTP protocols for Asterisk IP-telephony systems and Certified Asterisk arises from the behavior of the message processing mechanism during ClientHello messages. Exploiting this vulnerability allows a malicious actor to cause service failures...

UBUNTU-CVE-2023-49786

Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1; as well as certified-asterisk prior to 18.9-cert6; Asterisk is susceptible to a DoS due to a race condition in the hello handshake phase of the DTLS protocol when...

Emerson Proficy Machine Edition 数据伪造问题漏洞

Emerson Proficy Machine Edition is an application from Emerson, Inc. an automation solution. A data forgery issue vulnerability exists in Emerson Proficy Machine Edition version 9.00 and prior versions, which stems from the lack of authentication or authorization of packets after a connection is...