4 matches found
SUSE CVE-2017-7617
Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...
USN-4814-1 asterisk vulnerabilities
Richard Mudgett discovered that Asterisk did not properly check the length of input string when setting the user field for PartyB on a CDR. A remote attacker could use this vulnerability to cause a denial of service crash or potentially execute arbitrary code. CVE-2017-16671 Alex Villacis Lasso...
CVE-2017-7617
Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...
CVE-2017-7617
CVE-2017-7617 affects Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1, and Certified Asterisk 13.13 before 13.13-cert3. The issue is a buffer overflow in the CDR user field (in Party A context for the CDR and related to X-ClientCode in chan_sip), enabling remote code execution. Im...