CVE-2024-47609

A flaw was found in the hyperium/tonic package. In certain conditions, it may be possible for a remote attacker to cause the application to terminate upon accepting a TCP/TLS stream, which may lead to a denial of service...

CVE-2024-47609 Remotely exploitable DoS in Tonic `<=v0.12.2`

Tonic is a native gRPC client & server implementation with async/await support. When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting a TCP/TLS stream. This can be triggered by causing the accept call to error out with errors that...

Asterisk DoS Vulnerability (AST-2018-007)

Asterisk is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"; if...

CVE-2018-12228

An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk via TCP/TLS, if the client abruptly disconnects, or sends a specially crafted message, then Asterisk gets caught in an infinite loop while trying to read the data stream. This renders the system unusabl...

CVE-2018-12228

An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk via TCP/TLS, if the client abruptly disconnects, or sends a specially crafted message, then Asterisk gets caught in an infinite loop while trying to read the data stream. This renders the system unusabl...

CVE-2018-12228

An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk via TCP/TLS, if the client abruptly disconnects, or sends a specially crafted message, then Asterisk gets caught in an infinite loop while trying to read the data stream. This renders the system unusabl...

CVE-2018-12228

An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk via TCP/TLS, if the client abruptly disconnects, or sends a specially crafted message, then Asterisk gets caught in an infinite loop while trying to read the data stream. This renders the system unusabl...

asterisk -- Infinite loop when reading iostreams

The Asterisk project reports: When connected to Asterisk via TCP/TLS if the client abruptly disconnects, or sends a specially crafted message then Asterisk gets caught in an infinite loop while trying to read the data stream. Thus rendering the system as unusable...

Asterisk 13.17.2 - &#039;chan_skinny&#039; Remote Memory Corruption

Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer module CVE-2017-17090 - AST-2017-013 Tested on: Asterisk 13.17.2dfsg-2 Description: Asterisk is prone to a remote unauthenticated memory exhaustion The vulnerability is due to an error when the...

CVE-2011-1175

tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash by establishing many short TCP sessions to services that use a certain...

CVE-2011-1175

tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash by establishing many short TCP sessions to services that use a certain...