4 matches found
[SECURITY] [DSA 5596-1] asterisk security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5596-1 [email protected] https://www.debian.org/security/ Markus Koschany January 04, 2024 https://www.debian.org/security/faq -...
Asterisk Multiple Vulnerabilities (Dec 2023)
Asterisk is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"; if description...
CVE-2023-37457
Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as ceritifed-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIPHEADER dialplan function can exceed the available buffer space...
CVE-2023-37457
CVE-2023-37457 affects Asterisk and its PJSIP_HEADER dialplan function. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; and ceritifed-asterisk 18.9-cert5 and prior, the update functionality can exceed the header storage buffer, potentially overwriting memory or causing a cra...