CVE-2021-26713

A stack-based buffer overflow in resrtpasterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession...

CVE-2021-26713

A stack-based buffer overflow in resrtpasterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession...

Digium Certified Asterisk Buffer Error Vulnerability

Digium Certified Asterisk is a set of open source telephone exchange PBX system software from Digium, USA. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR, and more. A buffer error vulnerability exists in Digium Certified Asterisk. The vulnerability...

PT-2021-17107 · Sangoma +1 · Asterisk +1

Name of the Vulnerable Software and Affected Versions: Sangoma Asterisk versions prior to 16.16.1 Sangoma Asterisk versions 17.x prior to 17.9.2 Sangoma Asterisk versions 18.x prior to 18.2.1 Certified Asterisk versions prior to 16.8-cert6 Description: A stack-based buffer overflow in res rtp...

asterisk -- An unsuspecting user could crash Asterisk with multiple hold/unhold requests

The Asterisk project reports: Due to a signedness comparison mismatch, an authenticated WebRTC client could cause a stack overflow and Asterisk crash by sending multiple hold/unhold requests in quick succession...