70 matches found
Huawei EulerOS: Security Advisory for libsrtp (EulerOS-SA-2020-1787)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.0 : libsrtp (EulerOS-SA-2020-1787)
According to the version of the libsrtp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service crash via vector...
Huawei EulerOS: Security Advisory for libsrtp (EulerOS-SA-2019-2617)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libsrtp (EulerOS-SA-2019-2472)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : libsrtp (EulerOS-SA-2019-2706)
According to the version of the libsrtp package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service crash via vectors related to a...
EulerOS 2.0 SP3 : libsrtp (EulerOS-SA-2019-2617)
According to the versions of the libsrtp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service crash via vectors related to...
EulerOS 2.0 SP2 : libsrtp (EulerOS-SA-2019-2472)
According to the versions of the libsrtp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service crash via vectors related to...
Cisco Unity Connection libSRTP Denial of Service Vulnerability
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid130015; scriptversion"1.2"; scriptcvsdate"Date: 2019/10/18 23:14:14...
Adventures in Video Conferencing Part 3: The Even Wilder World of WhatsApp
Posted by Natalie Silvanovich, Project Zero WhatsApp is another application that supports video conferencing that does not use WebRTC as its core implementation. Instead, it uses PJSIP, which contains some WebRTC code, but also contains a substantial amount of other code, and predates the WebRTC...
openSUSE Security Update : libsrtp (openSUSE-2016-1063)
This update for libsrtp fixes the following issues : - Update to 1.5.4 : - Use BE byte ordering of RTCP trailer. - Allow zero length payload on unprotect. - Update to new upstream release 1.5.3 - Maintenance release, including fix for CVE-2015-6360 boo957376 %NASLMINLEVEL 70300 C Tenable Network...
Cisco IOS XE libsrtp DoS (CSCux04317)
The remote Cisco IOS XE device is missing vendor-supplied security patches, and it is configured to use the Cisco Unified Border Element CUBE or Session Border Controller SBC features. It is, therefore, affected by an integer underflow condition in the Secure Real-Time Transport Protocol SRTP...
Cisco ASA libsrtp DoS (CSCux00686)
The remote Cisco Adaptive Security Appliance ASA is missing vendor-supplied security patches, and it is configured to use the Phone Proxy feature. It is, therefore, affected by an integer underflow condition in the Secure Real-Time Transport Protocol SRTP library due to improper validation of...
Cisco ASA Software libSRTP Denial of Service Vulnerability (cisco-sa-20160420-libsrtp)
Cisco released version 1.5.3 of the Secure Real-Time Transport Protocol SRTP library libSRTP, which addresses a denial of service DoS vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
Multiple Cisco Products libSRTP Denial of Service Vulnerability
Cisco released version 1.5.3 of the Secure Real-Time Transport Protocol SRTP library libSRTP, which addresses a denial of service DoS vulnerability. Multiple Cisco products incorporate a vulnerable version of the libSRTP library. The vulnerability is in the encryption processing subsystem of...
CVE-2015-6360
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686...
Code injection
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686...
CVE-2015-6360
CVE-2015-6360 affects libsrtp/libSRTP, with several advisories noting that the encryption-processing feature allows remote DoS via crafted SRTP packets. The root cause in the reports is improper handling of CSRC count and extension header length in RTP headers, leading to vulnerable RTP processin...
CVE-2015-6360
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686...
CVE-2015-6360
Removed by vendor...
Multiple Cisco Products libSRTP Denial of Service Vulnerability
Cisco released version 1.5.3 of the Secure Real-Time Transport Protocol SRTP library libSRTP, which addresses a denial of service DoS vulnerability. Multiple Cisco products incorporate a vulnerable version of the libSRTP library. The vulnerability is in the encryption processing subsystem of...