2 matches found
Asterisk SIP Channel T.38 SDP Parsing Multiple Buffer Overflows
The version of Asterisk running on the remote host contains two stack-based buffer overflows in its SIP SDP handler when attempting to read the 'T38FaxRateManagement:' and 'T38FaxUdpEC:' options in the SDP within a SIP packet. An unauthenticated, remote attacker may be able to leverage this flaw ...
CVE-2007-2293
Asterisk’s SIP channel T.38 SDP parser (chan_sip.c) contains multiple stack-based buffer overflows in process_sdp, exploitable by long T38FaxRateManagement or T38FaxUdpEC SDP parameters in SIP INVITE messages. Affected are Asterisk versions before 1.4.3. Exploitation allows remote code execution;...