8 matches found
Gentoo Security Advisory GLSA 201401-15
Gentoo Linux Local Security Checks GLSA 201401-15 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Mandriva Linux Security Advisory : asterisk (MDVSA-2013:140)
Multiple vulnerablilities was identified and fixed in asterisk : The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition BE C.3.x before C.3.8.1; and Asterisk...
Fedora Update for asterisk FEDORA-2013-4528
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-2686
main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which...
CVE-2013-2686
main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which...
AST-2013-002: Denial of Service in HTTP server
Asterisk Project Security Advisory - AST-2013-002 Product Asterisk Summary Denial of Service in HTTP server Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Major Exploits Known None Reported On January 21, 2013 Reported By Christoph Hebeisen, TELUS...
CVE-2013-2686
CVE-2013-2686 affects Asterisk Open Source HTTP server: main/http.c does not properly restrict Content-Length, enabling stack-consumption DoS via crafted HTTP POST. Affected: Asterisk 1.8.x before 1.8.20.2; 10.x before 10.12.2; 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; As...
Digium Asterisk HTTP Management Interface Stack Overflow (CVE-2012-5976; CVE-2013-2686)
A stack overflow vulnerability has been reported in Digium Asterisk. The vulnerability is due to an unchecked memory allocation on the stack, which can result in a stack overflow or writing of attacker-controlled data to arbitrary memory locations. A remote attacker can use this vulnerability by...