10 matches found
Mageia: Security Advisory (MGASA-2014-0171)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0172)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 781-2] asterisk regression update
Package : asterisk Version : 1:1.8.13.1dfsg1-3+deb7u6 CVE ID : CVE-2014-2287 Brad Barnett found that the recent security update of Asterisk could cause immediate SIP termination due to an incomplete fix for CVE-2014-2287. For Debian 7 "Wheezy", these problems have been fixed in version...
Debian DLA-781-2 : asterisk regression update
Brad Barnett found that the recent security update of Asterisk could cause immediate SIP termination due to an incomplete fix for CVE-2014-2287. For Debian 7 'Wheezy', these problems have been fixed in version 1:1.8.13.1dfsg1-3+deb7u6. We recommend that you upgrade your asterisk packages. NOTE:...
CVE-2014-2287
CVE-2014-2287 affects Asterisk chan_sip in 1.8.x prior to 1.8.26.1, 11.8.x prior to 11.8.1, and 12.1.x prior to 12.1.1, plus certain Certified Asterisk builds. A remote authenticated user can cause a denial of service by sending an INVITE with a malformed or invalid Session-Expires or Min-SE head...
Updated asterisk packages fix security vulnerabilities
Updated asterisk packages fix security vulnerabilities: In Asterisk before 11.6.1, a 16 bit SMS message that contains an odd message length value will cause the message decoding loop to run forever. The message buffer is not on the stack but will be overflowed resulting in corrupted memory and an...
Fedora Update for asterisk FEDORA-2014-3762
Check for the Version of asterisk OpenVAS Vulnerability Test Fedora Update for asterisk FEDORA-2014-3762 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for asterisk FEDORA-2014-3762
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Asterisk SIP INVITE请求处理拒绝服务漏洞
CVE ID:CVE-2014-2287 Asterisk是一款实现电话用户交换机(PBX)功能的自由软件、开源软件。 Asterisk处理特制的SIP INVITE请求时存在漏洞,由于没有正确释放文件描述符,允许远程攻击者利用漏洞提交恶意请求消耗完所有可用文件描述符,进行拒绝服务攻击。 0 Asterisk Open Source 1.8.26.0 Asterisk Open Source 11.8.0 Asterisk Open Source 12.1.0 Certified Asterisk 1.8.15-cert4 Certified Asterisk 11.6-cert1...
AST-2014-002: Denial of Service Through File Descriptor Exhaustion with chan_sip Session-Timers
Asterisk Project Security Advisory - AST-2014-002 Product Asterisk Summary Denial of Service Through File Descriptor Exhaustion with chansip Session-Timers Nature of Advisory Denial of Service Susceptibility Remote Authenticated or Anonymous Sessions Severity Moderate Exploits Known No Reported O...