12 matches found
NewStart CGSL CORE 5.04 / MAIN 5.04 : libsrtp Multiple Vulnerabilities (NS-SA-2021-0032)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libsrtp packages installed that are affected by multiple vulnerabilities: - The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP...
Scientific Linux Security Update : libsrtp on SL7.x x86_64 (20201001)
Security Fixes : - libsrtp: improper handling of CSRC count and extension header length in RTP header CVE-2015-6360 - libsrtp: buffer overflow in application of crypto profiles CVE-2013-2139 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if...
libsrtp security update
CentOS Errata and Security Advisory CESA-2020:3873 An update for libsrtp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Moderate: Red Hat Security Advisory: libsrtp security and bug fix update
An update for libsrtp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Huawei EulerOS: Security Advisory for libsrtp (EulerOS-SA-2019-2472)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : libsrtp (EulerOS-SA-2019-2472)
According to the versions of the libsrtp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service crash via vectors related to...
openSUSE Security Update : libsrtp (openSUSE-2016-1063)
This update for libsrtp fixes the following issues : - Update to 1.5.4 : - Use BE byte ordering of RTCP trailer. - Allow zero length payload on unprotect. - Update to new upstream release 1.5.3 - Maintenance release, including fix for CVE-2015-6360 boo957376 %NASLMINLEVEL 70300 C Tenable Network...
CVE-2015-6360
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686...
CVE-2015-6360
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686...
CVE-2015-6360
CVE-2015-6360 affects libsrtp/libSRTP, with several advisories noting that the encryption-processing feature allows remote DoS via crafted SRTP packets. The root cause in the reports is improper handling of CSRC count and extension header length in RTP headers, leading to vulnerable RTP processin...
Updated srtp packages fix security vulnerability
Srtp before 1.5.3 is vulnerable to a potential DoS attack due to lack of bounds checking on RTP header CSRC count and extension header length CVE-2015-6360...
[SECURITY] [DLA 393-1] srtp security update
Package : srtp Version : 1.4.4dfsg-6+deb6u2 CVE ID : CVE-2015-6360 Prevent potential DoS attack due to lack of bounds checking on RTP header CSRC count and extension header length. Credit goes to Randell Jesup and the Firefox team for reporting this issue. As there is no aead mode available in th...