Linux Distros Unpatched Vulnerability : CVE-2020-35776

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow in respjsipdiversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by...

Sangoma Asterisk Buffer Overflow Vulnerability

Sangoma Asterisk is an application from Sangoma. A buffer overflow vulnerability exists in Sangoma Asterisk. The vulnerability stems from incorrect handling of the respjsipdiversion.c file and can be exploited by an attacker to intentionally misuse a SIP181 response to cause the application to...

Asterisk DoS Vulnerability (AST-2021-001)

Asterisk is prone to a denial of service vulnerability in respjsipdiversion. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

FreeBSD : asterisk -- Remote crash in res_pjsip_diversion (b330db5f-7225-11eb-8386-001999f8d30b)

The Asterisk project reports : If a registered user is tricked into dialing a malicious number that sends lots of 181 responses to Asterisk, each one will cause a 181 to be sent back to the original caller with an increasing number of entries in the 'Supported' header. Eventually the number of...

DEBIAN-CVE-2020-35776

A buffer overflow in respjsipdiversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses...

Atlassian Asterisk 缓冲区错误漏洞

Sangoma Asterisk is an application from Sangoma. A buffer overflow vulnerability exists in Sangoma Asterisk. The vulnerability stems from incorrect handling of the respjsipdiversion.c file and can be exploited by an attacker to intentionally misuse a SIP181 response to cause the application to...

CVE-2020-35652

An issue was discovered in respjsipdiversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is...

asterisk -- Remote crash in res_pjsip_diversion

The Asterisk project reports: If a registered user is tricked into dialing a malicious number that sends lots of 181 responses to Asterisk, each one will cause a 181 to be sent back to the original caller with an increasing number of entries in the "Supported" header. Eventually the number of...

Asterisk Multiple DoS Vulnerabilities (AST-2020-003, AST-2020-004)

Asterisk is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"...

FreeBSD : asterisk -- Remote crash in res_pjsip_diversion (6adf6ce0-44a6-11eb-95b7-001999f8d30b)

The Asterisk project reports : AST-2020-003: A crash can occur in Asterisk when a SIP message is received that has a History-Info header, which contains a tel-uri. AST-2020-004: A crash can occur in Asterisk when a SIP 181 response is received that has a Diversion header, which contains a tel-uri...

asterisk -- Remote crash in res_pjsip_diversion

The Asterisk project reports: AST-2020-003: A crash can occur in Asterisk when a SIP message is received that has a History-Info header, which contains a tel-uri. AST-2020-004: A crash can occur in Asterisk when a SIP 181 response is received that has a Diversion header, which contains a tel-uri...