Lucene search
K

4 matches found

Check Point Advisories
Check Point Advisories
added 2019/01/13 12:0 a.m.3 views

Digium Asterisk WebSocket Denial of Service (CVE-2018-7287)

A denial-of-service vulnerability exists in Digium Asterisk. The vulnerability is due to improper handling of WebSocket payloads. Successful exploitation would result in a crash of the server process leading to denial of service...

4.3CVSS2.2AI score0.11665EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/06/15 12:0 a.m.32 views

Asterisk 15.x < 15.2.2 Denial of Service Vulnerability (AST-2018-006)

According to its SIP banner, the version of Asterisk running on the remote host is 15.x prior to 15.2.2. It is therefore, affected by a denial of service vulnerability as described in AST-2018-006 advisory. Note that Nessus has not tested for these issues but has instead relied only on the...

5.9CVSS6.3AI score0.11665EPSS
Exploits0References2
NVD
NVD
added 2018/02/22 12:29 a.m.18 views

CVE-2018-7287

An issue was discovered in reshttpwebsocket.c in Asterisk 15.x through 15.2.1. If the HTTP server is enabled default is disabled, WebSocket payloads of size 0 are mishandled with a busy loop...

5.9CVSS5.6AI score0.11665EPSS
Exploits0References4
CVE
CVE
added 2018/02/22 12:0 a.m.77 views

CVE-2018-7287

CVE-2018-7287 affects Digium/Asterisk 15.x up to 15.2.1. The issue is in the WebSocket handling of the HTTP server (res_http_websocket.c): when WebSocket payloads of size 0 are received (with the HTTP server enabled, default disabled), the code mishandles the payload, causing a busy loop and pote...

5.9CVSS5.8AI score0.11665EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder