ALPINE-CVE-2021-26713

A stack-based buffer overflow in resrtpasterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession...

CVE-2021-26713

A stack-based buffer overflow in resrtpasterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession...

CVE-2021-26713

A stack-based buffer overflow in resrtpasterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession...

CVE-2021-26713

A stack-based buffer overflow in resrtpasterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession...

CVE-2021-26713

CVE-2021-26713 affects Sangoma Asterisk: a stack-based buffer overflow in res_rtp_asterisk.c allows an authenticated WebRTC client to crash Asterisk by rapidly issuing multiple hold/unhold requests. Root cause is a signedness comparison mismatch. Affected revisions: Sangoma Asterisk before 16.16....

Digium Certified Asterisk Buffer Error Vulnerability

Digium Certified Asterisk is a set of open source telephone exchange PBX system software from Digium, USA. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR, and more. A buffer error vulnerability exists in Digium Certified Asterisk. The vulnerability...

PT-2021-17107 · Sangoma +1 · Asterisk +1

Name of the Vulnerable Software and Affected Versions: Sangoma Asterisk versions prior to 16.16.1 Sangoma Asterisk versions 17.x prior to 17.9.2 Sangoma Asterisk versions 18.x prior to 18.2.1 Certified Asterisk versions prior to 16.8-cert6 Description: A stack-based buffer overflow in res rtp...

Atlassian Asterisk Path Traversal Vulnerability

Atlassian Asterisk is a software application from the American company Atlassian. It provides a development program bug tracking feature. A security vulnerability exists in Asterisk. The vulnerability originates from a Hold/Unhold request that could cause a denial of service by causing a fatal...

asterisk -- An unsuspecting user could crash Asterisk with multiple hold/unhold requests

The Asterisk project reports: Due to a signedness comparison mismatch, an authenticated WebRTC client could cause a stack overflow and Asterisk crash by sending multiple hold/unhold requests in quick succession...