Lucene search
+L

93 matches found

CNVD
CNVD
added 2017/10/20 12:0 a.m.5 views

PJSIP Teluu pjproject pjlib and pjlib-util Buffer Overflow Vulnerability

PJSIP is an open source, free multimedia communication library written in C. Teluu pjproject pjlib is one of the small framework libraries; pjlib-util is one of the auxiliary tool libraries . An integer overflow vulnerability exists in Teluu pjproject pjlib and pjlib-util in versions of PJSIP pri...

9.8CVSS7.5AI score0.034EPSS
Exploits0References1
OSV
OSV
added 2017/10/13 7:33 p.m.8 views

MGASA-2017-0368 Updated pjproject packages fix security vulnerabilities

Two vulnerabilities were found in the PJSIP/PJProject communication library, which may result in denial of service CVE-2017-9359, CVE-2017-9372...

7.5CVSS7.7AI score0.03989EPSS
Exploits0References5
Mageia
Mageia
added 2017/10/13 7:33 p.m.34 views

Updated pjproject packages fix security vulnerabilities

Two vulnerabilities were found in the PJSIP/PJProject communication library, which may result in denial of service CVE-2017-9359, CVE-2017-9372...

7.5CVSS3.1AI score0.03989EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2017/10/05 12:0 a.m.19 views

asterisk -- Buffer overflow in pjproject header parsing can cause crash in Asterisk

The Asterisk project reports: By carefully crafting invalid values in the Cseq and the Via header port, pjprojects packet parsing code can create strings larger than the buffer allocated to hold them. This will usually cause Asterisk to crash immediately. The packets do not have to be authenticat...

7.2AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/08/11 12:0 a.m.24 views

Debian DSA-3933-1 : pjproject - security update

Two vulnerabilities were found in the PJSIP/PJProject communication library, which may result in denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3933. The text itself is...

7.5CVSS7.1AI score0.03989EPSS
Exploits0References4
Debian
Debian
added 2017/08/10 6:41 p.m.65 views

[SECURITY] [DSA 3933-1] pjproject security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3933-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 10, 2017 https://www.debian.org/security/faq -...

7.5CVSS8.1AI score0.03989EPSS
Exploits0
OSV
OSV
added 2017/08/10 12:0 a.m.14 views

DSA-3933-1 pjproject - security update

Bulletin has no description...

7.5CVSS7.3AI score0.03989EPSS
Exploits0
OpenVAS
OpenVAS
added 2017/08/09 12:0 a.m.17 views

Debian: Security Advisory (DSA-3933-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.03989EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/05/22 12:0 a.m.13 views

FreeBSD : asterisk -- Buffer Overrun in PJSIP transaction layer (0537afa3-3ce0-11e7-bf9d-001999f8d30b)

The Asterisk project reports : A remote crash can be triggered by sending a SIP packet to Asterisk with a specially crafted CSeq header and a Via header with no branch parameter. The issue is that the PJSIP RFC 2543 transaction key generation algorithm does not allocate a large enough buffer. By...

5.7AI score
Exploits0References3
FreeBSD
FreeBSD
added 2017/04/12 12:0 a.m.24 views

asterisk -- Buffer Overrun in PJSIP transaction layer

The Asterisk project reports: A remote crash can be triggered by sending a SIP packet to Asterisk with a specially crafted CSeq header and a Via header with no branch parameter. The issue is that the PJSIP RFC 2543 transaction key generation algorithm does not allocate a large enough buffer. By...

2.1AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/05/09 12:0 a.m.9 views

Asterisk PJProject TCP Connection DoS (AST-2016-005)

According to its SIP banner, the version of Asterisk running on the remote host is either 13.x prior to 13.8.1 or 13.1-cert prior to 13.1-cert5. It is, therefore, affected by a flaw in PJProject due to a failure to close TCP connections after receiving new ones. An unauthenticated, remote attacke...

5.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/04/18 12:0 a.m.17 views

FreeBSD : PJSIP -- TCP denial of service in PJProject (e21474c6-031a-11e6-aa86-001999f8d30b)

The Asterisk project reports : PJProject has a limit on the number of TCP connections that it can accept. Furthermore, PJProject does not close TCP connections it accepts. By default, this value is approximately 60. An attacker can deplete the number of allowed TCP connections by opening TCP...

5.5AI score
Exploits0References2
FreeBSD
FreeBSD
added 2016/02/15 12:0 a.m.14 views

PJSIP -- TCP denial of service in PJProject

The Asterisk project reports: PJProject has a limit on the number of TCP connections that it can accept. Furthermore, PJProject does not close TCP connections it accepts. By default, this value is approximately 60. An attacker can deplete the number of allowed TCP connections by opening TCP...

1.7AI score
Exploits0References1
Rows per page
Query Builder