6 matches found
Gentoo Security Advisory GLSA 200905-01 (asterisk)
The remote host is missing updates announced in advisory GLSA 200905-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
openSUSE 10 Security Update : asterisk (asterisk-5524)
This security update fixes multiple security vulnerabilities in asterisk CVE-2008-1897, CVE-2008-2119, CVE-2008-3263, CVE-2008-3264. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
Asterisk SIP通道驱动远程拒绝服务漏洞
CVECAN ID: CVE-2008-2119 Asterisk是开放源码的软件PBX,支持各种VoIP协议和设备。 Asterisk在以pedantic模式处理SIP时,Asterisk将From头的值传送给了asturidecode函数进行解码。由于没有检查From值是否为空,因此上述情况可能导致例程崩溃。 Asterisk Asterisk 1.2.x Asterisk Asterisk 1.0.x Asterisk Business Edition B.x.x Asterisk Business Edition A.x.x Asterisk --------...
AST-2008-008: Remote Crash Vulnerability in SIP channel driver when run in pedantic mode
Asterisk Project Security Advisory - AST-2008-008 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Remote Crash Vulnerability in SIP channel driver | | | when ru...
CVE-2008-2119
Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing aka pedanticsipchecking is enabled, allows remote attackers to cause a denial of service daemon crash via a SIP INVITE message that lacks a From header, related to...
CVE-2008-2119
CVE-2008-2119 affects Asterisk Open Source 1.0.x and 1.2.x (pre-1.2.29) and Business Edition A.x.x/B.x.x (pre-B.2.5.3). In pedantic parsing, From header null/empty values are fed to ast_uri_decode, causing a remote DoS (daemon crash). OpenVAS/Gentoo advisories document this and recommend upgradin...