EUVD-2013-2625

Malware in sbrugna...

Gentoo Security Advisory GLSA 201401-15

Gentoo Linux Local Security Checks GLSA 201401-15 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

CVE-2013-2686

main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which...

Asterisk Multiple Vulnerabilities (AST-2012-014 / AST-2012-015)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by the following vulnerabilities : - A stack-based buffer overflow error exists related to SIP, HTTP and XMPP handling over TCP. Note that in the case of 'Certified Asterisk', SI...

Fedora Update for asterisk FEDORA-2013-0994

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for asterisk FEDORA-2013-1003

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected",...

Digium Asterisk HTTP Management Interface Stack Overflow (CVE-2012-5976; CVE-2013-2686)

A stack overflow vulnerability has been reported in Digium Asterisk. The vulnerability is due to an unchecked memory allocation on the stack, which can result in a stack overflow or writing of attacker-controlled data to arbitrary memory locations. A remote attacker can use this vulnerability by...

[SECURITY] [DSA 2605-2] asterisk regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-2605-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst January 19, 2013 http://www.debian.org/security/faq -...

AST-2012-014: Crashes due to large stack allocations when using TCP

Asterisk Project Security Advisory - AST-2012-014 Product Asterisk Summary Crashes due to large stack allocations when using TCP Nature of Advisory Stack Overflow Susceptibility Remote Unauthenticated Sessions SIP Remote Authenticated Sessions XMPP, HTTP Severity Critical Exploits Known No Report...

CVE-2012-5976

CVE-2012-5976 describes stack-consumption vulnerabilities in Asterisk Open Source where parsing of TCP-based protocols (SIP, HTTP, XMPP) could be exploited to crash the daemon. Affected: Asterisk 1.8.x before 1.8.19.1, 10.x before 10.11.1, 11.x before 11.1.2; and corresponding Certified Asterisk ...