2 matches found
FreeBSD : asterisk -- Remote crash in res_pjsip_diversion (b330db5f-7225-11eb-8386-001999f8d30b)
The Asterisk project reports : If a registered user is tricked into dialing a malicious number that sends lots of 181 responses to Asterisk, each one will cause a 181 to be sent back to the original caller with an increasing number of entries in the 'Supported' header. Eventually the number of...
CVE-2020-35776
Summary of CVE-2020-35776 (CVE ID) : The vulnerability occurs in Sangoma Asterisk due to a buffer overflow in the code path for res_pjsip_diversion.c. Affects Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1. The root cause is a buffer overflow that can be triggered by misusing SIP 181 resp...