4 matches found
CVE-2020-28327
A respjsipsession crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This...
CVE-2020-28327
A vulnerability in Asterisk’s SIP handling (res_pjsip_session) can crash the process when a new SIP Invite is processed. The issue arises from a gap between dialog object creation and its next use, potentially allowing another thread to free the dialog and leading to a crash on dereference. Affec...
CVE-2020-28327
A respjsipsession crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This...
Asterisk Multiple DoS Vulnerabilities (AST-2020-001, AST-2020-002)
Asterisk is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"...