CVSS: 6.8EPSS: 0%CPEs: 13EXPL: 0CVE-2021-46837 – Debian Security Advisory 5285-1
https://notcve.org/view.php?id=CVE-2021-46837
30 Aug 2022 — res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. This is a re-occurrence of the CVE-2019-15297 symptoms but not for exactly the same reason. The crash occurs because there is an append operation relative to the active topology, but this should instead be a replace operation. La funci... • https://downloads.asterisk.org/pub/security/AST-2021-006.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 19EXPL: 0CVE-2022-23608 – Use after free in PJSIP
https://notcve.org/view.php?id=CVE-2022-23608
22 Feb 2022 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can potentially be prematurely freed when one of the dialogs is destroyed . The issue may cause a dialog set to be registered in the hash table multiple times (with different hash keys) leading to undefined behavior su... • http://packetstormsecurity.com/files/166226/Asterisk-Project-Security-Advisory-AST-2022-005.html • CWE-416: Use After Free •
CVSS: 9.1EPSS: 0%CPEs: 19EXPL: 0CVE-2022-21723 – Out-of-bounds read in multipart parsing in PJSIP
https://notcve.org/view.php?id=CVE-2022-21723
27 Jan 2022 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users that accept SIP multipart. The patch is available as commit in the `master` branch. There are no known workarounds. • http://packetstormsecurity.com/files/166227/Asterisk-Project-Security-Advisory-AST-2022-006.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 20EXPL: 0CVE-2021-37706 – Potential integer underflow upon receiving STUN message in PJSIP
https://notcve.org/view.php?id=CVE-2021-37706
22 Dec 2021 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. This issue affects all users that use STUN. A malicious actor located within the victim’s network may forge and send a speciall... • http://packetstormsecurity.com/files/166225/Asterisk-Project-Security-Advisory-AST-2022-004.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.3EPSS: 2%CPEs: 16EXPL: 1CVE-2020-28327
https://notcve.org/view.php?id=CVE-2020-28327
06 Nov 2020 — A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending on some off-nominal circumstances and timing, it was possible for another thread to free said dialog i... • http://downloads.asterisk.org/pub/security/AST-2020-001.html • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-28242
https://notcve.org/view.php?id=CVE-2020-28242
06 Nov 2020 — An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound aut... • http://downloads.asterisk.org/pub/security/AST-2020-002.html • CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 1%CPEs: 50EXPL: 0CVE-2017-9358
https://notcve.org/view.php?id=CVE-2017-9358
02 Jun 2017 — A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging in that loop). Existe una vulnerabilidad de agotamiento de memoria en Asterisk Open Source, en versiones 13.x anteriores a la 13.15.1 y versiones 14.x anteriores a la 14.4.1, y en Certified Asterisk, en versiones... • http://downloads.asterisk.org/pub/security/AST-2017-004.txt • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.3EPSS: 0%CPEs: 235EXPL: 0CVE-2013-2264 – Gentoo Linux Security Advisory 201401-15
https://notcve.org/view.php?id=CVE-2013-2264
29 Mar 2013 — The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x before C.3.8.1; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones exhibits different behavior for invalid INVITE, SUBSCRIBE, and REGISTER transactions depending on whether the user account exists, which allows remote attackers to enumerate account names by (1) reading HTTP status codes, (2)... • http://downloads.asterisk.org/pub/security/AST-2013-003.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 2%CPEs: 232EXPL: 0CVE-2013-2686 – Gentoo Linux Security Advisory 201401-15
https://notcve.org/view.php?id=CVE-2013-2686
29 Mar 2013 — main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which allows remote attackers to conduct stack-consumption attacks and cause a denial of service (daemon crash) via a crafted HTTP POST request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-59... • http://downloads.asterisk.org/pub/security/AST-2013-002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 0%CPEs: 117EXPL: 0CVE-2012-2186
https://notcve.org/view.php?id=CVE-2012-2186
31 Aug 2012 — Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action. Vulnerabilidad de lista negra incompleta en main/manager.c ... • http://downloads.asterisk.org/pub/security/AST-2012-012.html •