2 matches found
CVE-2014-8414
CVE-2014-8414 affects Asterisk 11.x (before 11.14.1) and Certified Asterisk 11.6 (before 11.6-cert8). The issue arises in ConfBridge where state changes are not handled correctly, allowing remote attackers to trigger a denial of service by delaying state transitions, causing the channel to hang a...
FreeBSD : asterisk -- Multiple vulnerabilities (7bfd797c-716d-11e4-b008-001999f8d30b)
The Asterisk project reports : AST-2014-014 - High call load may result in hung channels in ConfBridge. AST-2014-017 - Permission escalation through ConfBridge actions/dialplan functions. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...