Lucene search
+L

518 matches found

OSV
OSV
added 2014/11/24 3:59 p.m.5 views

DEBIAN-CVE-2014-8415

Race condition in the chanpjsip channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 allows remote attackers to cause a denial of service assertion failure and crash via a cancel request for a SIP session with a queued action to 1 answer a session or 2 send ringing...

5CVSS6.8AI score0.03041EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/10/02 12:0 a.m.35 views

Cisco IOS XE Software SIP DoS (cisco-sa-20140924-sip)

According to its self-reported version, the version of Cisco IOS XE running on the remote host is affected by a vulnerability in the Session Initiation Protocol SIP implementation due to improper handling of SIP messages. A remote attacker can exploit this issue by sending specially crafted SIP...

7.8CVSS7.7AI score0.03313EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/09/30 12:0 a.m.46 views

Cisco IOS Software Network Address Translation (NAT) ALG Module DoS (cisco-sa-20140924-nat)

According to its self-reported version, the version of Cisco IOS running on the remote host is affected by a denial of service vulnerability in the Network Address Translation NAT application-layer gateway ALG module. This issue exists due to improper handling of multipart Session Description...

7.1CVSS7.8AI score0.02365EPSS
Exploits0References4
Cisco
Cisco
added 2014/08/11 8:36 p.m.30 views

Cisco Unified Communications Manager SIP Subsystem Vulnerability

A vulnerability in the Session Initiation Protocol SIP subsystem of Cisco Unified Communications Manager Cisco Unified CM could allow an authenticated, remote attacker to trigger a denial of service condition. The vulnerability is due to a failure by the SIP subsystem to properly sanitize...

6.8CVSS6.8AI score0.02389EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

KPhone 2.x/3.x/4.0.1 Malformed STUN Packet Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10159/info A denial of service vulnerability has been reported in KPhone. This issue may be triggered by a malformed SIP Session Initiation Protocol STUN message. This is due to insufficient validation of user-specified...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

AGEphone 1.28/1.38 SIP Packet Handling Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19148/info AGEphone is prone to a remote buffer-overflow vulnerability. Specifically, this issue presents itself when the application handles a malicious SIP Session Initiation Protocol packet. AGEphone versions 1.24 and...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2014/04/23 12:0 a.m.8 views

PT-2014-4512 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Description: A memory leak in the SIP inspection engine allows remote attackers to cause a denial of service via crafted SIP packets. This issue affects the Sessio...

5CVSS6.4AI score0.01767EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2014/04/10 4:32 p.m.13 views

Cisco Patches DoS, VPN Issues, Looking Into Heartbleed Impact

Cisco patched four different vulnerabilities this week in one of its core operating systems and is now is beginning to look into the potential impact of this week’s Heartbleed vulnerability in at least 60 of its other products. The patches, released yesterday, fix problems in the company’s Adapti...

0.9AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2014/04/09 12:0 a.m.4 views

PT-2014-1323 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions 8.2 before 8.25.48 Cisco Adaptive Security Appliance ASA Software versions 8.4 before 8.46.5 Cisco Adaptive Security Appliance ASA Software versions 9.0 before 9.03.1 Cisco Adaptive...

7.1CVSS9AI score0.01682EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2014/03/31 4:31 p.m.6 views

wireshark: SIP dissector could go into an infinite loop (wnpa-sec-2013-66)

The dissectsipcommon function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service infinite loop via a crafted packet...

5CVSS6.7AI score0.02307EPSS
Exploits1References5
Cisco
Cisco
added 2014/01/10 9:18 p.m.19 views

Cisco 9900 Series IP Phone Crafted Header Unregister Vulnerability

A vulnerability in Session Initiation Protocol SIP header processing of Cisco fourth-generation IP phones could allow an unauthenticated, remote attacker to cause the IP phone to unregister. The vulnerability is due to improper SIP header processing. An attacker could exploit this vulnerability b...

5.4CVSS6.1AI score0.02663EPSS
Exploits0References1
OSV
OSV
added 2013/12/19 10:55 p.m.2 views

DEBIAN-CVE-2013-7112

The dissectsipcommon function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service infinite loop via a crafted packet...

5CVSS7.3AI score0.02307EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2013/11/14 12:0 a.m.25 views

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability (cisco-sa-20131106-sip)

A vulnerability exists in the Session Initiation Protocol SIP implementation in Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or cause memory leaks that may result in system instabilities. To exploit this vulnerability, affected...

7.8CVSS5.5AI score0.01904EPSS
Exploits0References2
Cisco
Cisco
added 2013/11/06 4:0 p.m.24 views

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability

A vulnerability exists in the Session Initiation Protocol SIP implementation in Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or cause memory leaks that may result in system instabilities. To exploit this vulnerability, affected...

7.8CVSS6.6AI score0.01904EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2013/11/01 2:55 a.m.3 views

CVE-2013-5555

Cisco Unified Communications Manager aka CUCM or Unified CM allows remote attackers to cause a denial of service service restart via a crafted SIP message, aka Bug ID CSCub54349...

4.3CVSS5.6AI score0.01084EPSS
Exploits0References2
OSV
OSV
added 2013/09/09 5:55 p.m.2 views

DEBIAN-CVE-2013-5642

The SIP channel driver channels/chansip.c in Asterisk Open Source 1.8.x before 1.8.23.1, 10.x before 10.12.3, and 11.x before 11.5.1; Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.3-digiumphones allows remote...

5CVSS6.3AI score0.11653EPSS
Exploits0References1
OSV
OSV
added 2013/09/09 5:55 p.m.2 views

DEBIAN-CVE-2013-5641

The SIP channel driver channels/chansip.c in Asterisk Open Source 1.8.17.x through 1.8.22.x, 1.8.23.x before 1.8.23.1, and 11.x before 11.5.1 and Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2 allows remote attackers to cause a denial of service NULL pointer dereference,...

5CVSS6.8AI score0.04111EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2013/09/09 5:55 p.m.2 views

CVE-2013-5642

The SIP channel driver channels/chansip.c in Asterisk Open Source 1.8.x before 1.8.23.1, 10.x before 10.12.3, and 11.x before 11.5.1; Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.3-digiumphones allows remote...

5CVSS5.6AI score0.11653EPSS
Exploits0References11
OSV
OSV
added 2013/09/09 5:55 p.m.3 views

UBUNTU-CVE-2013-5642

The SIP channel driver channels/chansip.c in Asterisk Open Source 1.8.x before 1.8.23.1, 10.x before 10.12.3, and 11.x before 11.5.1; Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.3-digiumphones allows remote...

5CVSS5.8AI score0.11653EPSS
Exploits0References4
OSV
OSV
added 2013/04/01 4:55 p.m.3 views

DEBIAN-CVE-2013-2264

The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition BE C.3.x before C.3.8.1; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones exhibits...

5CVSS6.9AI score0.01252EPSS
Exploits0References1
Rows per page
Query Builder