Lucene search
K

4 matches found

NVD
NVD
added 2014/06/17 2:55 p.m.26 views

CVE-2014-4045

The Publish/Subscribe Framework in the PJSIP channel driver in Asterisk Open Source 12.x before 12.3.1, when subminexpiry is set to zero, allows remote attackers to cause a denial of service assertion failure and crash via an unsubscribe request when not subscribed to the device...

4.3CVSS6.5AI score0.02769EPSS
Exploits0References3
CVE
CVE
added 2014/06/17 2:0 p.m.59 views

CVE-2014-4045

The CVE-2014-4045 issue affects Asterisk Open Source 12.x prior to 12.3.1, in the PJSIP channel driver's Publish/Subscribe framework. When sub_min_expiry is zero, an unsubscribe request from a not-subscribed endpoint can trigger an assertion and crash (remote DoS). The documented remediation is t...

4.3CVSS6.7AI score0.02769EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/06/17 12:0 a.m.29 views

Asterisk PJSIP Channel Driver Multiple DoS Vulnerabilities (AST-2014-005 / AST-2014-008)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by the following denial of service vulnerabilities in the PJSIP channel driver : - A flaw exists in the publish / subscribe framework when an attempt to unsubscribe is made when...

4.3CVSS5.6AI score0.02769EPSS
Exploits0References8
securityvulns
securityvulns
added 2014/06/13 12:0 a.m.57 views

AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe Framework

Asterisk Project Security Advisory - AST-2014-005 Product Asterisk Summary Remote Crash in PJSIP Channel Driver's Publish/Subscribe Framework Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No Reported On March 17, 2014 Reported...

4.3CVSS0.5AI score0.02769EPSS
Exploits0
Rows per page
Query Builder