5 matches found
Digium Asterisk res_http_websocket Denial of Service (CVE-2018-17281)
A denial of service vulnerability exists in Digium Asterisk reshttpwebsocket. The vulnerability may occur when sending an HTTP Upgrade Request. Successful exploitation of this vulnerability could allow a remote attacker to cause denial of service conditions on the target system...
CVE-2018-17281
There is a stack consumption vulnerability in the reshttpwebsocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connecti...
CVE-2018-17281
There is a stack consumption vulnerability in the reshttpwebsocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connecti...
CVE-2018-17281
CVE-2018-17281 affects the Asterisk res_http_websocket.so module and allows an attacker to crash Asterisk by sending a crafted HTTP Upgrade request to websocket. Affected: Asterisk up to 13.23.0, 14.7.x up to 14.7.7, 15.x up to 15.6.0, and Certified Asterisk up to 13.21-cert2. Consequences: denia...
CVE-2018-17281
creationtimestamp| type| source ---|---|--- 2018-09-21 22:22:32+00:00| seen| MISP/5ba56ed4-1114-4265-b26a-60310a021402...