Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2018/09/27 12:0 a.m.36 views

Asterisk 13.x < 13.23.1 / 14.x < 14.7.8 / 15.x < 15.6.1 / 13.21 < 13.21-cert3 HTTP Websocket Stack Overflow (AST-2018-009)

According to its SIP banner, the version of Asterisk running on the remote host is 13.x prior to 13.23.1, 14.x prior to 14.7.8, 15.x prior to 15.6.1, or 13.21 prior to 13.21-cert3. It is therefore, affected by an error related to the reshttpwebsocket.so module that allows a stack overflow error a...

7.5CVSS7.5AI score0.53381EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/04/13 12:0 a.m.38 views

Asterisk 13.13 < 13.13-cert3 / 13.x < 13.14.1 / 14.x < 14.3.1 CDR user Field RCE (AST-2017-001)

According to its SIP banner, the version of Asterisk running on the remote host is 13.13 prior to 13.13-cert3, 13.x prior to 13.14.1, or 14.x prior to 14.3.1. Is it, therefore, affected by a buffer overflow condition due to a failure to check the size when setting the user field on a CDR. An...

8.8CVSS8.2AI score0.06243EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/04/29 12:0 a.m.18 views

Asterisk REGISTER Request Contact URI Handling DoS (AST-2016-004)

According to its SIP banner, the version of Asterisk running on the remote host is either 13.x prior to 13.8.1 or 13.1-cert prior to 13.1-cert5. It is, therefore, affected by a flaw when processing incoming REGISTER requests if the REGISTER contains an overlong URI in the Contact header. An...

5.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/02/06 12:0 a.m.19 views

Asterisk chan_pjsip Incompatible Codecs DoS (AST-2015-001)

According to its SIP banner, the version of Asterisk running on the remote host has a flaw in which it fails to reclaim allocated RTP ports whenever a connection is made to an authenticated endpoint whose SPD offers only codecs that are not allowed by Asterisk. An attacker could exploit this...

5.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/03/14 12:0 a.m.35 views

Asterisk main/http.c DoS (AST-2014-001)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a denial of service vulnerability. A stack overflow flaw exists when an HTTP request with a large number of cookie headers isn't properly validated. A remote attacker could...

7.5CVSS5.6AI score0.1639EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2014/03/14 12:0 a.m.48 views

Asterisk PJSIP Channel Driver Options DoS (AST-2014-003)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a denial of service vulnerability. A flaw exists in the PJSIP channel driver when the 'qualityfrequency' configuration is enabled on an AOR when the SIP server's challenges fo...

4.3CVSS5.5AI score0.0435EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/12/19 12:0 a.m.28 views

Asterisk Multiple Vulnerabilities (AST-2013-006 / AST-2013-007)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by the following vulnerabilities : - A denial of service vulnerability exists in the 'unpacksms16' function of the 'appsms.c' source file. When a 16-bit SMS message with an unusu...

5CVSS5.9AI score0.14715EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2013/04/10 12:0 a.m.33 views

Asterisk SIP SDP Buffer Overflow (AST-2013-001)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a buffer overflow vulnerability related to SIP SDP headers and h264 video handling. This error could allow execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network...

7.5CVSS6.2AI score0.02621EPSS
Exploits0References3
Rows per page
Query Builder