8 matches found
Gentoo Security Advisory GLSA 201401-15
Gentoo Linux Local Security Checks GLSA 201401-15 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Digium Asterisk SIP SDP Header Parsing Stack Buffer Overflow (CVE-2013-2685)
A buffer overflow vulnerability exists in Asterisk Open Source...
Mandriva Linux Security Advisory : asterisk (MDVSA-2013:140)
Multiple vulnerablilities was identified and fixed in asterisk : The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition BE C.3.x before C.3.8.1; and Asterisk...
Asterisk SIP SDP Buffer Overflow (AST-2013-001)
According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a buffer overflow vulnerability related to SIP SDP headers and h264 video handling. This error could allow execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network...
Fedora Update for asterisk FEDORA-2013-4566
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-2685
Stack-based buffer overflow in res/resformatattrh264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Protocol SDP header...
AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header
Asterisk Project Security Advisory - AST-2013-001 Product Asterisk Summary Buffer Overflow Exploit Through SIP SDP Header Nature of Advisory Exploitable Stack Buffer Overflow Susceptibility Remote Unauthenticated Sessions Severity Major Exploits Known No Reported On 6 January, 2013 Reported By Ul...
CVE-2013-2685
CVE-2013-2685 affects Asterisk Open Source 11.x prior to 11.2.2; it is a stack-based buffer overflow in res/res_format_attr_h264.c triggered by a long sprop-parameter-sets H.264 attribute in SDP headers, enabling remote code execution. Remediation: upgrade to 11.2.2 or later per vendor advisories...