CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-42706 – Debian Security Advisory 5358-1
https://notcve.org/view.php?id=CVE-2022-42706
05 Dec 2022 — An issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1. GetConfig, via Asterisk Manager Interface, allows a connected application to access files outside of the asterisk configuration directory, aka Directory Traversal. Se descubrió un problema en Sangoma Asterisk hasta 16.28, 17 y 18 hasta 18.14, 19 hasta 19.6 y se certificó hasta 18.9-cert1. GetConfig, a través de la interfaz de Asterisk Manager, permite que una aplicación cone... • https://downloads.asterisk.org/pub/security/AST-2022-009.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 1%CPEs: 19EXPL: 0CVE-2022-23608 – Use after free in PJSIP
https://notcve.org/view.php?id=CVE-2022-23608
22 Feb 2022 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can potentially be prematurely freed when one of the dialogs is destroyed . The issue may cause a dialog set to be registered in the hash table multiple times (with different hash keys) leading to undefined behavior su... • http://packetstormsecurity.com/files/166226/Asterisk-Project-Security-Advisory-AST-2022-005.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 3%CPEs: 20EXPL: 0CVE-2021-37706 – Potential integer underflow upon receiving STUN message in PJSIP
https://notcve.org/view.php?id=CVE-2021-37706
22 Dec 2021 — PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. This issue affects all users that use STUN. A malicious actor located within the victim’s network may forge and send a speciall... • http://packetstormsecurity.com/files/166225/Asterisk-Project-Security-Advisory-AST-2022-004.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-28242
https://notcve.org/view.php?id=CVE-2020-28242
06 Nov 2020 — An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound aut... • http://downloads.asterisk.org/pub/security/AST-2020-002.html • CWE-674: Uncontrolled Recursion •
CVSS: 5.3EPSS: 4%CPEs: 217EXPL: 0CVE-2019-13161 – Asterisk Project Security Advisory - AST-2019-003
https://notcve.org/view.php?id=CVE-2019-13161
12 Jul 2019 — An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to an outgoing T.38 re-invite. To exploit this vulnerability an attacker must cause the chan_sip module to send a T.38 re-invite request to them. Upon receipt, the attacker must send an SDP answer containing both a T.3... • http://downloads.digium.com/pub/security/AST-2019-003.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 62%CPEs: 7EXPL: 3CVE-2018-7284 – Asterisk chan_pjsip 15.2.0 - 'SUBSCRIBE' Stack Corruption
https://notcve.org/view.php?id=CVE-2018-7284
22 Feb 2018 — A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. This code did not limit the number of headers it processed, despite having a fixed limit of 32. If more than 32 Accept headers were present, the code would write outside of its memory and cause a crash. Se ha descub... • https://packetstorm.news/files/id/146577 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 34%CPEs: 5EXPL: 2CVE-2018-7286 – Asterisk chan_pjsip 15.2.0 - 'INVITE' Denial of Service
https://notcve.org/view.php?id=CVE-2018-7286
22 Feb 2018 — An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. res_pjsip allows remote authenticated users to crash Asterisk (segmentation fault) by sending a number of SIP INVITE messages on a TCP or TLS connection and then suddenly closing the connection. Se ha descubierto un problema en Asterisk hasta la versión 13.19.1, versiones 14.x hasta la 14.7.5 y versiones 15.x hasta la 15.2.1; así como Certified Asterisk hasta la vers... • https://packetstorm.news/files/id/146580 •
CVSS: 5.9EPSS: 83%CPEs: 16EXPL: 0CVE-2017-17664
https://notcve.org/view.php?id=CVE-2017-17664
13 Dec 2017 — A Remote Crash issue was discovered in Asterisk Open Source 13.x before 13.18.4, 14.x before 14.7.4, and 15.x before 15.1.4 and Certified Asterisk before 13.13-cert9. Certain compound RTCP packets cause a crash in the RTCP Stack. Se ha descubierto un problema de cierre inesperado remoto en Asterisk Open Source en versiones 13.x anteriores a la 13.18.4; versiones 14.x anteriores a la 14.7.4 y las versiones 15.x anteriores a la 15.1.4, así como Certified Asterisk en versiones anteriores a la 13.13-cert9. Cier... • http://downloads.digium.com/pub/security/AST-2017-012.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 46%CPEs: 15EXPL: 2CVE-2017-17090 – Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption
https://notcve.org/view.php?id=CVE-2017-17090
02 Dec 2017 — An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. If the chan_skinny (aka SCCP protocol) channel driver is flooded with certain requests, it can cause the asterisk process to use excessive amounts of virtual memory, eventually causing asterisk to stop processing requests of any kind. Se ha descubierto un problema en chan_skinny.c en Asterisk Open Source en versiones 13.18.2 y anteriores, 1... • https://packetstorm.news/files/id/146299 • CWE-459: Incomplete Cleanup •
CVSS: 8.8EPSS: 1%CPEs: 61EXPL: 0CVE-2017-7617
https://notcve.org/view.php?id=CVE-2017-7617
10 Apr 2017 — Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI Monitor action. La ejecución remota de código puede ocurrir en Asterisk Open Source 13.x en versiones anteriores a 13.14.1 y 14.x en versiones anteriores a 14.3.1 y Asterisk certificado 13.13 en versiones anteriores a 13.13-cert3 debido a ... • http://downloads.asterisk.org/pub/security/AST-2017-001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •