14 matches found
Mageia: Security Advisory (MGASA-2014-0171)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0172)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-455-1 : asterisk security update
CVE-2014-6610 Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the resfaxspandsp module, allows remote authenticated users to cause a denial of service crash via an out of call message, which is not properly handled in the...
[SECURITY] [DLA 455-1] asterisk security update
Package : asterisk Version : 1:1.8.13.1dfsg1-3+deb7u4 CVE ID : CVE-2014-2286 CVE-2014-4046 CVE-2014-6610 CVE-2014-8412 CVE-2014-8418 CVE-2015-3008 Debian Bug : 741313 762164 771463 782411 CVE-2014-6610 Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6...
DLA-455-1 asterisk - security update
Bulletin has no description...
CVE-2014-2286
main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.x before 1.8.15-cert5 and 11.6 before 11.6-cert2, allows remote attackers to cause a denial of service stack consumption and possibly execute arbitrary code via an...
CVE-2014-2286
main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.x before 1.8.15-cert5 and 11.6 before 11.6-cert2, allows remote attackers to cause a denial of service stack consumption and possibly execute arbitrary code via an...
CVE-2014-2286
CVE-2014-2286 affects Asterisk Open Source by vulnerable main/http.c in 1.8.x <1.8.26.1, 11.8.x <11.8.1, and 12.1.x <12.1.1 (and Certified Asterisk
Updated asterisk packages fix security vulnerabilities
Updated asterisk packages fix security vulnerabilities: In Asterisk before 11.6.1, a 16 bit SMS message that contains an odd message length value will cause the message decoding loop to run forever. The message buffer is not on the stack but will be overflowed resulting in corrupted memory and an...
Digium Asterisk Cookie Stack Overflow (CVE-2014-2286)
A stack-overflow vulnerability has been reported in Digium Asterisk. The vulnerability is due to insufficient validation of Cookie: headers in HTTP requests sent to the HTTP management interface. A remote attacker can exploit this vulnerability to cause a denial-of-service condition...
Fedora Update for asterisk FEDORA-2014-3762
Check for the Version of asterisk OpenVAS Vulnerability Test Fedora Update for asterisk FEDORA-2014-3762 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for asterisk FEDORA-2014-3762
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Asterisk特制HTTP Cookie处理拒绝服务漏洞
CVE ID:CVE-2014-2286 Asterisk是一款实现电话用户交换机(PBX)功能的自由软件、开源软件。 Asterisk在处理包含大量超大cookie头的请求时存在一个溢出漏洞,允许远程攻击者利用漏洞提交恶意请求触发基于栈的溢出,可导致拒绝服务攻击。 0 Asterisk Open Source 1.8.26.0 Asterisk Open Source 11.8.0 Asterisk Open Source 12.1.0 Certified Asterisk 1.8.15-cert4 Certified Asterisk 11.6-cert1 厂商补丁: Asteris...
AST-2014-001: Stack Overflow in HTTP Processing of Cookie Headers.
Asterisk Project Security Advisory - AST-2014-001 Product Asterisk Summary Stack Overflow in HTTP Processing of Cookie Headers. Nature of Advisory Denial Of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On February 21, 2014 Reported By Lucas...