Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2018/01/02 12:0 a.m.35 views

Debian DLA-1225-1 : asterisk security update

A vulnerability has been discovered in Asterisk, an open source PBX and telephony toolkit, which may result in resource exhaustion and denial of service. CVE-2017-17090: memory leak from chanskinny. If the chanskinny AKA SCCP protocol channel driver is flooded with certain requests it can cause t...

7.5CVSS7.2AI score0.81511EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2017/12/05 12:0 a.m.194 views

Asterisk DoS Vulnerability

Asterisk is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"; if...

7.5CVSS7.4AI score0.81511EPSS
Exploits4References1
Prion
Prion
added 2017/12/02 12:29 a.m.21 views

Code injection

An issue was discovered in chanskinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. If the chanskinny aka SCCP protocol channel driver is flooded with certain requests, it can cause the asterisk process to use...

5CVSS7.3AI score0.81511EPSS
Exploits4References7Affected Software2
CVE
CVE
added 2017/12/02 12:0 a.m.123 views

CVE-2017-17090

CVE-2017-17090 affects the chan_skinny (SCCP) driver in Asterisk, where flooding the channel driver with certain requests can exhaust VM memory and cause the process to stop handling requests. Public details include both exploitation references (Exploit-DB entry for 13.17.2) and multiple vendor a...

7.5CVSS7.3AI score0.81511EPSS
Exploits4References7Affected Software1
FreeBSD
FreeBSD
added 2017/11/30 12:0 a.m.26 views

asterisk -- DOS Vulnerability in Asterisk chan_skinny

The Asterisk project reports: If the chanskinny AKA SCCP protocol channel driver is flooded with certain requests it can cause the asterisk process to use excessive amounts of virtual memory eventually causing asterisk to stop processing requests of any kind...

7.5CVSS7.7AI score0.81511EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2017/05/22 12:0 a.m.22 views

FreeBSD : asterisk -- Memory exhaustion on short SCCP packets (fab87bff-3ce5-11e7-bf9d-001999f8d30b)

The Asterisk project reports : A remote memory exhaustion can be triggered by sending an SCCP packet to Asterisk system with 'chanskinny' enabled that is larger than the length of the SCCP header but smaller than the packet length specified in the header. The loop that reads the rest of the packe...

5.5AI score
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Asterisk < 1.2.22 / 1.4.8 / 2.2.1 chan_skinny Remote Denial of Service

No description provided by source. / AstKilla2.c gcc -o astkilla2 astkilla2.c ./astkilla2 -h 216.246.. In no event will the author of this source be liable for any loss or damage of a material or immaterial nature arising from access to, use or non-use of published information, or from misuse of...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Asterisk <= 1.0.12 / 1.2.12.1 (chan_skinny) Remote Heap Overflow (PoC)

No description provided by source. !/usr/bin/perl Beyond Security Copyright Noam Rathaus [email protected] The following proof of concept causes the chanskippy to crash in different locations and due to memory corruption as well as double free calls, this is based on the finding of...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/07/19 12:0 a.m.20 views

Asterisk &lt; 1.2.22 / 1.4.8 / 2.2.1 chan_skinny Remote Denial of Service

No description provided by source. / AstKilla2.c gcc -o astkilla2 astkilla2.c ./astkilla2 -h 216.246.. In no event will the author of this source be liable for any loss or damage of a material or ...

7.1AI score
Exploits0
CVE
CVE
added 2007/07/18 5:0 p.m.79 views

CVE-2007-3764

CVE-2007-3764 affects the Skinny channel driver (chan_skinny) in Asterisk and related builds (Asterisk 1.2.x/1.4.x, Business Edition, AsteriskNOW, Appliance Developer Kit, s800i). The flaw is triggered by a crafted packet with an incorrect data length value, causing an

5CVSS7.1AI score0.3152EPSS
Exploits1References11Affected Software3
exploitpack
exploitpack
added 2007/07/18 12:0 a.m.10 views

Asterisk 1.2.221.4.82.2.1 - chan_skinny Remote Denial of Service

Asterisk 1.2.221.4.82.2.1 - chanskinny Remote Denial of Service / AstKilla2.c gcc -o astkilla2 astkilla2.c ./astkilla2 -h 216.246.. In no event will the author of this source be liable for any loss or damage of a material or immaterial nature arising from access to, use or non-use of published...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2007/07/18 12:0 a.m.26 views

Asterisk &lt; 1.2.22/1.4.8/2.2.1 - &#039;chan_skinny&#039; Remote Denial of Service

/ AstKilla2.c gcc -o astkilla2 astkilla2.c ./astkilla2 -h 216.246.. In no event will the author of this source be liable for any loss or damage of a material or immaterial nature arising from access to, use or non-use of published information, or from misuse of the connection or technical faults...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/07/18 12:0 a.m.21 views

Asterisk < 1.2.22 / 1.4.8 / 2.2.1 chan_skinny Remote Denial of Service

Exploit for multiple platform in category dos / poc ====================================================================== Asterisk include include include include include include include include define SKINNYTCPPORT 2000 define CLEN 1024 define SKINNYMAXSIZE 1000 define REGISTERMESSAGE 0x0001...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/25 12:0 a.m.43 views

Asterisk chan_skinny远程缓冲区溢出漏洞

Asterisk是一款PBX系统的软件,运行在Linux系统上,支持使用SIP、IAX、H323协议进行IP通话。 Asterisk的chanskinny.c文件中的static int getinputstruct skinnysession s函数没有正确地验证报文头中用户所提供的长度。远程攻击者可以通过发送特制报文来触发缓冲区溢出漏洞,导致执行任意指令。 asterisk-1.2.12.1/channels/chanskinny.c的2860-2870中的漏洞代码: ---------------- res = reads-fd, s-inbuf, 4; // - integer...

6.9AI score
Exploits0
0day.today
0day.today
added 2006/10/19 12:0 a.m.18 views

Asterisk <= 1.0.12 / 1.2.12.1 (chan_skinny) Remote Heap Overflow (PoC)

Exploit for multiple platform in category dos / poc ====================================================================== Asterisk The following proof of concept causes the chanskippy to crash in different locations and due to memory corruption as well as double free calls, this is based on the...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/19 12:0 a.m.38 views

Asterisk 1.0.12/1.2.12.1 - &#039;chan_skinny&#039; Remote Heap Overflow (PoC)

!/usr/bin/perl Beyond Security Copyright Noam Rathaus The following proof of concept causes the chanskippy to crash in different locations and due to memory corruption as well as double free calls, this is based on the finding of Security-Assessment.com, and proves that the vulnerability is indee...

7.4AI score
Exploits0
Rows per page
Query Builder