Lucene search
K

5 matches found

Check Point Advisories
Check Point Advisories
added 2020/03/08 12:0 a.m.4 views

Digium Asterisk res_http_websocket Denial of Service (CVE-2018-17281)

A denial of service vulnerability exists in Digium Asterisk reshttpwebsocket. The vulnerability may occur when sending an HTTP Upgrade Request. Successful exploitation of this vulnerability could allow a remote attacker to cause denial of service conditions on the target system...

5CVSS2.7AI score0.53381EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/09/27 12:0 a.m.36 views

Asterisk 13.x < 13.23.1 / 14.x < 14.7.8 / 15.x < 15.6.1 / 13.21 < 13.21-cert3 HTTP Websocket Stack Overflow (AST-2018-009)

According to its SIP banner, the version of Asterisk running on the remote host is 13.x prior to 13.23.1, 14.x prior to 14.7.8, 15.x prior to 15.6.1, or 13.21 prior to 13.21-cert3. It is therefore, affected by an error related to the reshttpwebsocket.so module that allows a stack overflow error a...

7.5CVSS7.5AI score0.53381EPSS
Exploits0References3
OSV
OSV
added 2018/09/24 10:29 p.m.1 views

DEBIAN-CVE-2018-17281

There is a stack consumption vulnerability in the reshttpwebsocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connecti...

7.5CVSS7.4AI score0.53381EPSS
Exploits0References1
OSV
OSV
added 2018/09/24 10:29 p.m.2 views

UBUNTU-CVE-2018-17281

There is a stack consumption vulnerability in the reshttpwebsocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connecti...

7.5CVSS7.1AI score0.53381EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.44 views

Asterisk 'res_http_websocket' Double-Free DoS (AST-2014-019)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a double-free error related to the 'reshttpwebsocket' module and handling of zero-length payloads that could allow denial of service attacks. Note that Nessus has not tested f...

5CVSS5.5AI score0.09525EPSS
Exploits0References3
Rows per page
Query Builder