CVE-2018-7324

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type...

CVE-2018-7324

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type...

Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption

Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer module CVE-2017-17090 - AST-2017-013 Tested on: Asterisk 13.17.2dfsg-2 Description: Asterisk is prone to a remote unauthenticated memory exhaustion The vulnerability is due to an error when the...

Asterisk 13.17.2~dfsg-2 Memory Exhaustion

Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com Date and time of release: Nov, 15 2017 Found this and more exploits on my open source security project: http://www.exploitpack.com Tested on: Asterisk 13.17.2dfsg-2 Description: Asterisk is prone to a remote unauthenticated memory...

FreeBSD : asterisk -- Memory exhaustion on short SCCP packets (fab87bff-3ce5-11e7-bf9d-001999f8d30b)

The Asterisk project reports : A remote memory exhaustion can be triggered by sending an SCCP packet to Asterisk system with 'chanskinny' enabled that is larger than the length of the SCCP header but smaller than the packet length specified in the header. The loop that reads the rest of the packe...