| 2 |
| url |
VCID-58dv-5kdf-nka1 |
| vulnerability_id |
VCID-58dv-5kdf-nka1 |
| summary |
An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x before 13.13.1 and 14.x before 14.2.1. If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space, the code responsible for parsing will recursively call itself until it crashes. This occurs as the code does not properly handle spaces separating the parameters. This does NOT require the endpoint to have Opus configured in Asterisk. This also does not require the endpoint to be authenticated. If guest is enabled for chan_sip or anonymous in chan_pjsip an SDP offer or answer is still processed and the crash occurs. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2016-9937
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-58dv-5kdf-nka1 |
|
| 4 |
| url |
VCID-8j3f-r3ze-yygu |
| vulnerability_id |
VCID-8j3f-r3ze-yygu |
| summary |
The PJSIP Channel Driver in Asterisk Open Source before 12.3.1 allows remote attackers to cause a denial of service (deadlock) by terminating a subscription request before it is complete, which triggers a SIP transaction timeout. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2014-4048
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8j3f-r3ze-yygu |
|
| 6 |
| url |
VCID-8zwv-ea4b-1kgr |
| vulnerability_id |
VCID-8zwv-ea4b-1kgr |
| summary |
An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk via TCP/TLS, if the client abruptly disconnects, or sends a specially crafted message, then Asterisk gets caught in an infinite loop while trying to read the data stream. This renders the system unusable. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2018-12228
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8zwv-ea4b-1kgr |
|
| 12 |
| url |
VCID-hv7y-fc1a-a7am |
| vulnerability_id |
VCID-hv7y-fc1a-a7am |
| summary |
The Publish/Subscribe Framework in the PJSIP channel driver in Asterisk Open Source 12.x before 12.3.1, when sub_min_expiry is set to zero, allows remote attackers to cause a denial of service (assertion failure and crash) via an unsubscribe request when not subscribed to the device. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2014-4045
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hv7y-fc1a-a7am |
|
| 13 |
| url |
VCID-jn6q-ncg1-ufdg |
| vulnerability_id |
VCID-jn6q-ncg1-ufdg |
| summary |
Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an IMAP voicemail storage backend, allows remote attackers to cause a denial of service via an e-mail with an "invalid/corrupted" MIME body, which triggers a crash when the recipient listens to voicemail. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2007-4521
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jn6q-ncg1-ufdg |
|
| 16 |
| url |
VCID-qbcd-t5kt-4kbz |
| vulnerability_id |
VCID-qbcd-t5kt-4kbz |
| summary |
An issue was discovered in res_http_websocket.c in Asterisk 15.x through 15.2.1. If the HTTP server is enabled (default is disabled), WebSocket payloads of size 0 are mishandled (with a busy loop). |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2018-7287
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qbcd-t5kt-4kbz |
|
| 18 |
| url |
VCID-utdf-kxfn-pka3 |
| vulnerability_id |
VCID-utdf-kxfn-pka3 |
| summary |
The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2014-6609
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-utdf-kxfn-pka3 |
|
| 19 |
| url |
VCID-y5gf-ck7b-w3dw |
| vulnerability_id |
VCID-y5gf-ck7b-w3dw |
| summary |
A NULL pointer access issue was discovered in Asterisk 15.x through 15.2.1. The RTP support in Asterisk maintains its own registry of dynamic codecs and desired payload numbers. While an SDP negotiation may result in a codec using a different payload number, these desired ones are still stored internally. When an RTP packet was received, this registry would be consulted if the payload number was not found in the negotiated SDP. This registry was incorrectly consulted for all packets, even those which are dynamic. If the payload number resulted in a codec of a different type than the RTP stream (for example, the payload number resulted in a video codec but the stream carried audio), a crash could occur if no stream of that type had been negotiated. This was due to the code incorrectly assuming that a stream of that type would always exist. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2018-7285
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y5gf-ck7b-w3dw |
|
| 21 |
| url |
VCID-zm66-9m5e-2bem |
| vulnerability_id |
VCID-zm66-9m5e-2bem |
| summary |
chan_skinny.c in the Skinny (aka SCCP) channel driver in Asterisk Open Source 10.x before 10.5.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by sending a Station Key Pad Button message and closing a connection in off-hook mode, a related issue to CVE-2012-2948. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2012-3553
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zm66-9m5e-2bem |
|