
21 matches found

FreeBSD
added 2019/06/28 12:0 a.m. | 32 views

asterisk -- Remote Crash Vulnerability in chan_sip channel driver

The Asterisk project reports: When T.38 faxing is done in Asterisk a T.38 reinvite may be sent to an endpoint to switch it to T.38. If the endpoint responds with an improperly formatted SDP answer including both a T.38 UDPTL stream and an audio or video stream containing only codecs not allowed o...

CVSS 5.3 | AI score 1.5 | EPSS 0.02307
Exploits: 0 | References: 1
OpenVAS
added 2016/03/23 12:0 a.m. | 35 views

Asterisk Multiple Denial of Service Vulnerabilities

Asterisk is prone to multiple denial of service (DoS) vulnerabilities...

CVSS 7.1 | AI score 6 | EPSS 0.07852
Exploits: 1 | References: 4
NVD
added 2016/02/22 3:59 p.m. | 13 views

CVE-2016-2232

Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a zero length error...

CVSS 6.5 | AI score 6.4 | EPSS 0.07852
Exploits: 0 | References: 3
OSV
added 2016/02/22 3:59 p.m. | 3 views

DEBIAN-CVE-2016-2232

Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a zero length error...

CVSS 6.5 | AI score 6.5 | EPSS 0.07852
Exploits: 0 | References: 1
UbuntuCve
added 2016/02/22 3:59 p.m. | 34 views

CVE-2016-2232

Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a zero length error...

CVSS 6.5 | AI score 6.8 | EPSS 0.07852
Exploits: 0 | References: 2
Prion
added 2016/02/22 3:59 p.m. | 21 views

Null pointer dereference

Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a zero length error...

CVSS 4 | AI score 6.7 | EPSS 0.07852
Exploits: 0 | References: 3 | Affected Software: 2
Cvelist
added 2016/02/22 3:5 p.m. | 22 views

CVE-2016-2232

Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a zero length error...

AI score 6.3 | EPSS 0.07852
Exploits: 0 | References: 3
Debian CVE
added 2016/02/22 3:5 p.m. | 25 views

CVE-2016-2232

Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a zero length error...

CVSS 6.5 | AI score 6.5 | EPSS 0.07852
Exploits: 0
FreeBSD
added 2016/02/03 12:0 a.m. | 48 views

asterisk -- Multiple vulnerabilities

The Asterisk project reports: AST-2016-001 - BEAST vulnerability in HTTP server; AST-2016-002 - File descriptor exhaustion in chan_sip; AST-2016-003 - Remote crash vulnerability when receiving UDPTL FAX data...

CVSS 7.1 | AI score 6.6 | EPSS 0.07852
Exploits: 5 | References: 3
Check Point Advisories
added 2011/04/27 12:0 a.m. | 0 views

Digium Asterisk UDPTL Processing Heap Buffer Overflow

Asterisk is an open source software implementation of a telephone private branch exchange (PBX). A remote, unauthenticated attacker can exploit this vulnerability to overflow the buffer and execute code on the vulnerable system. If code execution is unsuccessful, this can lead to a denial of servic...

AI score 8.2
Exploits: 0
Tenable Nessus
added 2011/04/27 12:0 a.m. | 30 views

Debian DSA-2225-1 : asterisk - several vulnerabilities

Several vulnerabilities have been discovered in Asterisk, an Open Source PBX and telephony toolkit. - CVE-2011-1147 Matthew Nicholson discovered that incorrect handling of UDPTL packets may lead to denial of service or the execution of arbitrary code. - CVE-2011-1174 Blake Cornell discovered that...

CVSS 9 | AI score 5.8 | EPSS 0.0342
Exploits: 0 | References: 13
NVD
added 2011/03/15 5:55 p.m. | 11 views

CVE-2011-1147

Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW...

CVSS 6.8 | AI score 7.6 | EPSS 0.0342
Exploits: 0 | References: 12
UbuntuCve
added 2011/03/15 5:55 p.m. | 16 views

CVE-2011-1147

Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW...

CVSS 6.8 | AI score 6.5 | EPSS 0.0342
Exploits: 0 | References: 2
Prion
added 2011/03/15 5:55 p.m. | 8 views

Heap overflow

Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW...

CVSS 6.8 | AI score 8.2 | EPSS 0.0342
Exploits: 0 | References: 12 | Affected Software: 2
Debian CVE
added 2011/03/15 5:0 p.m. | 21 views

CVE-2011-1147

Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW...

CVSS 6.8 | AI score 7.6 | EPSS 0.0342
Exploits: 0
Cvelist
added 2011/03/15 5:0 p.m. | 12 views

CVE-2011-1147

Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW...

AI score 7.5 | EPSS 0.0342
Exploits: 0 | References: 12
Tenable Nessus
added 2011/03/10 12:0 a.m. | 21 views

Fedora 14 : asterisk-1.6.2.17-1.fc14 (2011-2438)

The Asterisk Development Team has announced the release of Asterisk 1.6.2.17. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/ The release of Asterisk 1.6.2.17 resolves several issues reported by the community and would have not been possib...

CVSS 6.8 | AI score 5.8 | EPSS 0.0342
Exploits: 0 | References: 12
securityvulns
added 2011/02/26 12:0 a.m. | 29 views

Asterisk buffer overflows

Multiple buffer overflows on UDPTL parsing...

AI score 4.4
Exploits: 0 | References: 1 | Affected Software: 2
securityvulns
added 2011/02/26 12:0 a.m. | 39 views

AST-2011-002: Multiple array overflow and crash vulnerabilities in UDPTL code

Asterisk Project Security Advisory - AST-2011-002
Product: Asterisk
Summary: Multiple array overflow and crash vulnerabilities in UDPTL code
Nature of Advisory: Exploitable Stack and Heap Array Overflows
Susceptibility: Remote Unauthenticated Sessions
Severity: Critical
Exploits Known: No
Reported On...

AI score 0.2
Exploits: 0
Tenable Nessus
added 2011/02/23 12:0 a.m. | 24 views

Asterisk main/udptl.c Buffer Overflows (AST-2011-002)

According to the version in its SIP banner, the version of Asterisk running on the remote host may be vulnerable to heap- and stack-buffer overflow attacks with specially crafted UDPTL packets. Successful exploitation requires T.38 support to be enabled on the target, which is not the default, an...

CVSS 6.8 | AI score 5.6 | EPSS 0.0342
Exploits: 0 | References: 2