Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61784
HistoryMar 13, 2014 - 12:00 a.m.

Asterisk SIP INVITE请求处理拒绝服务漏洞

2014-03-1300:00:00
Root
www.seebug.org
11

0.768 High

EPSS

Percentile

97.9%

JSON

CVE ID:CVE-2014-2287

Asterisk是一款实现电话用户交换机(PBX)功能的自由软件、开源软件。

Asterisk处理特制的SIP INVITE请求时存在漏洞,由于没有正确释放文件描述符,允许远程攻击者利用漏洞提交恶意请求消耗完所有可用文件描述符,进行拒绝服务攻击。
0
Asterisk Open Source 1.8.26.0
Asterisk Open Source 11.8.0
Asterisk Open Source 12.1.0
Certified Asterisk 1.8.15-cert4
Certified Asterisk 11.6-cert1
厂商补丁:

Asterisk

Asterisk Open Source 1.8.26.1, 11.8.1, 12.1.1和Certified Asterisk1.8.15-cert4,11.6-cert1已经修复该漏洞,建议用户下载更新:
http://www.asterisk.org/

Related

nessus 7
cve 1
checkpoint_advisories 2
prion 1
securityvulns 2
debian 2
ubuntucve 1
debiancve 1
openvas 8
fedora 2
mageia 2
osv 1
freebsd 1
gentoo 1
nessus
nessus
Asterisk SIP File Descriptor Exhaustion with chan_sip Session-Timers DoS (AST-2014-002)
2014-03-14 00:00:00
Debian DLA-781-2 : asterisk regression update
2017-01-13 00:00:00
Mandriva Linux Security Advisory : asterisk (MDVSA-2014:078)
2014-04-17 00:00:00
cve
cve
CVE-2014-2287
2014-04-18 22:14:00
checkpoint_advisories
checkpoint_advisories
Digium Asterisk File Descriptor Invalid Headers Syntax Denial of Service (CVE-2014-2287)
2014-06-02 00:00:00
Digium Asterisk File Descriptor Denial of Service (CVE-2014-2287)
2014-04-13 00:00:00
prion
prion
Design/Logic Flaw
2014-04-18 22:14:00
securityvulns
securityvulns
AST-2014-002: Denial of Service Through File Descriptor Exhaustion with chan_sip Session-Timers
2014-03-13 00:00:00
Asterisk multiple security vulnerabilities
2014-03-13 00:00:00
debian
debian
[SECURITY] [DLA 781-2] asterisk regression update
2017-01-27 12:18:40
[SECURITY] [DLA 781-1] asterisk security update
2017-01-13 00:32:18
ubuntucve
ubuntucve
CVE-2014-2287
2014-04-18 00:00:00
debiancve
debiancve
CVE-2014-2287
2014-04-18 22:14:00
openvas
openvas
Fedora Update for asterisk FEDORA-2014-3779
2014-03-25 00:00:00
Fedora Update for asterisk FEDORA-2014-3762
2014-03-25 00:00:00
Debian: Security Advisory (DLA-781-1)
2023-03-08 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: asterisk-11.8.1-1.fc19
2014-03-21 09:29:33
[SECURITY] Fedora 20 Update: asterisk-11.8.1-1.fc20
2014-03-21 09:36:05
mageia
mageia
Updated asterisk packages fix security vulnerabilities
2014-04-15 22:22:45
Updated asterisk packages fix security vulnerabilities
2014-04-15 22:22:45
osv
osv
asterisk - security update
2017-01-13 00:00:00
freebsd
freebsd
asterisk -- multiple vulnerabilities
2014-03-10 00:00:00
gentoo
gentoo
Asterisk: Denial of service
2014-05-03 00:00:00

0.768 High

EPSS

Percentile

97.9%

JSON
Related for SSV:61784
nessus7cve1checkpoint_advisories2prion1securityvulns2debian2ubuntucve1debiancve1openvas8fedora2mageia2osv1freebsd1gentoo1