12 matches found
SUSE CVE-2007-3765
The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a crafted STUN length attribute in a STUN packet sent on an RTP port...
Digium Asterisk Open Source Resource Management Error Vulnerability
Digium Asterisk Open Source is an open source telephone exchange PBX system software from Digium. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR and so on. A security vulnerability exists in Digium Asterisk Open Source versions 12.x prior to 12.8.1...
CVE-2015-1558
Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service file descriptor consumption via an SDP offer containing only incompatible codecs...
CVE-2012-3863
channels/chansip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones does not properly handle a...
Cross site request forgery (csrf)
channels/chansip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones does not properly handle a...
CVE-2012-3863
channels/chansip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones does not properly handle a...
Code injection
The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a crafted STUN length attribute in a STUN packet sent on an RTP port...
CVE-2007-3765
The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a crafted STUN length attribute in a STUN packet sent on an RTP port...
Denial of service
The Avaya 4602 SW IP Phone Model 4602D02A with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service audio quality loss via a flood of packets to the RTP port...
CVE-2007-3322
The Avaya 4602 SW IP Phone Model 4602D02A with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service audio quality loss via a flood of packets to the RTP port...
CVE-2007-3322
The CVE concerns the Avaya 4602 SIP IP Phone (Model 4602D02A) running firmware version 2.2.2 and earlier. The vulnerability arises from using a constant media port for calls, which enables remote attackers to cause a denial of service (audio quality loss) by flooding the RTP port. The connected d...
CVE-2007-3322
The Avaya 4602 SW IP Phone Model 4602D02A with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service audio quality loss via a flood of packets to the RTP port...