10 matches found
SUSE CVE-2007-3765
The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a crafted STUN length attribute in a STUN packet sent on an RTP port...
CVE-2011-1147
Multiple stack-based and heap-based buffer overflows in the 1 decodeopentype and 2 udptlrxpacket functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW...
AST-2011-002: Multiple array overflow and crash vulnerabilities in UDPTL code
Asterisk Project Security Advisory - AST-2011-002 Product Asterisk Summary Multiple array overflow and crash vulnerabilities in UDPTL code Nature of Advisory Exploitable Stack and Heap Array Overflows Susceptibility Remote Unauthenticated Sessions Severity Critical Exploits Known No Reported On...
TWSL2010-005: FreePBX recordings interface allows remote code execution
Trustwave's SpiderLabs Security Advisory TWSL2010-005: FreePBX recordings interface allows remote code execution https://www.trustwave.com/spiderlabs/advisories/TWSL2010-005.txt Published: 2010-09-23 Version: 1.0 Vendor: FreePBX http://www.freepbx.org/ Product: FreePBX and VOIP solutions...
FreePBX 2.8.0 - Recordings Interface Allows Remote Code Execution
Trustwave's SpiderLabs Security Advisory TWSL2010-005: FreePBX recordings interface allows remote code execution https://www.trustwave.com/spiderlabs/advisories/TWSL2010-005.txt Published: 2010-09-23 Version: 1.0 Vendor: FreePBX http://www.freepbx.org/ Product: FreePBX and VOIP solutions...
CVE-2009-3727
Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error message...
CVE-2008-1390
The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values...
CVE-2008-1289
Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote...
Asterisk IAX2隧道驱动IAX2_Write函数远程栈溢出漏洞
BUGTRAQ ID: 24949 CVECAN ID: CVE-2007-3762 Asterisk是开放源码的软件PBX,支持各种VoIP协议和设备。 Asterisk IAX2隧道驱动(chaniax2)中存在栈溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 如果向chaniax2传送了数据负载大于4 kB的RTP帧的话,就可能触发这个漏洞。如果要触发这个漏洞,调用iax2write的帧应满足以下条件: 语音或视频帧 4字节的时间戳与之前所发送帧高2字节相同 格式为预期格式 数据负载大于4kB...
Asterisk SIP T.38 SDP解析远程栈溢出漏洞
Asterisk是一款PBX系统的软件,运行在Linux系统上,支持使用SIP、IAX、H323协议进行IP通话。 Asterisk的SIP/SDP处理器中存在多个远程栈溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 如果所发送SIP报文中的SDP数据包含有超长的T38参数的话,就可以触发这个溢出,导致执行任意代码。这个漏洞是由chansip.c文件中的processsdp函数调用sscanf所导致的: else if sscanfa, "T38FaxRateManagement:%s", s == 1 found = 1; if optiondebug 2 astlogLOGDEBUG...