Page 2 of 13 results (0.001 seconds)

CVSS: 7.5EPSS: 97%CPEs: 8EXPL: 3

Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote attackers to (1) write a zero to an arbitrary memory location via a large RTP payload number, related to the ast_rtp_unset_m_type function in main/rtp.c; or (2) write certain integers to an arbitrary memory location via a large number of RTP payloads, related to the process_sdp function in channels/chan_sip.c. Múltiples desbordamientos de búfer en Asterisk Open Source 1.4.x antes de 1.4.18.1 y 1.4.19-rc3, Open Source 1.6.x antes de 1.6.0-beta6, Business Edition C.x.x antes de C.1.6.1, AsteriskNOW 1.0.x antes de 1.0.2, Appliance Developer Kit antes de 1.4 revisión 109386 y s800i 1.1.x antes de 1.1.0.2 permite a atacantes remotos (1) escribir un cero en una posición de memoria de su elección a través de un número de carga útil (payload) RTP grande, relacionada con la función ast_rtp_unset_m_type en main/rtp.c; o (2) escribir ciertos enteros en una posición de memoria de su elección a través de un número grande de cargas útiles RTP, relacionadas con la función process_sdp en channels/chan_sip.c. • https://www.exploit-db.com/exploits/31440 http://downloads.digium.com/pub/security/AST-2008-002.html http://labs.musecurity.com/advisories/MU-200803-01.txt http://secunia.com/advisories/29426 http://secunia.com/advisories/29470 http://securityreason.com/securityalert/3763 http://securitytracker.com/id?1019628 http://www.asterisk.org/node/48466 http://www.securityfocus.com/archive/1/489817/100/0/threaded http://www.securityfocus.com/bid/28308 http://www.vupen.com/english&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 95%CPEs: 5EXPL: 2

The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference. El controlador de canal SIP de Asterisk Open Source 1.4.x versiones anteriores a 1.4.17, Business Edition versiones anteriores a C.1.0-beta8, AsteriskNOW versiones anteriores a beta7, Appliance Developer Kit versiones anteriores a Asterisk 1.4 revision 95946, y Appliance s800i 1.0.x versiones anteriores a 1.0.3.4 permite a atacantes remotos provocar una denegación de servicio (cáida de demonio) mediante un mensaje BYE con una cabecera Also (tranfiere también), que dispara un referencia a puntero NULL. • https://www.exploit-db.com/exploits/30974 http://bugs.digium.com/view.php?id=11637 http://downloads.digium.com/pub/security/AST-2008-001.html http://secunia.com/advisories/28299 http://secunia.com/advisories/28312 http://securityreason.com/securityalert/3520 http://www.securityfocus.com/archive/1/485727/100/0/threaded http://www.securityfocus.com/bid/27110 http://www.securitytracker.com/id?1019152 http://www.vupen.com/english/advisories/2008/0019 https://exchange.xforce • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 11%CPEs: 3EXPL: 0

The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before 1.4.11, AsteriskNOW before beta7, Asterisk Appliance Developer Kit 0.x before 0.8.0, and s800i (Asterisk Appliance) 1.x before 1.0.3 allows remote attackers to cause a denial of service (memory exhaustion) via a SIP dialog that causes a large number of history entries to be created. El controlador de canal SIP (chan_sip) en Asterisk Open Source 1.4.x anterior a 1.4.11, AsteriskNOW anterior a beta7, Asterisk Appliance Developer Kit 0.x anterior a 0.8.0, y s800i (Asterisk Appliance) 1.x anterior a 1.0.3 permite a atacantes remotos provocar una denegación de servicio (agotamiento de memoria) mediante un diálogo SIP que provoca que se cree un gran número de entradas de histórico. • http://downloads.digium.com/pub/asa/AST-2007-020.html http://seclists.org/fulldisclosure/2007/Aug/0393.html http://secunia.com/advisories/26553 http://securityreason.com/securityalert/3047 http://www.securityfocus.com/bid/25392 http://www.securitytracker.com/id?1018595 http://www.vupen.com/english/advisories/2007/2953 https://exchange.xforce.ibmcloud.com/vulnerabilities/36145 •

CVSS: 3.5EPSS: 93%CPEs: 4EXPL: 0

The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, AsteriskNOW before beta7, Appliance Developer Kit before 0.7.0, and Appliance s800i before 1.0.3 allows remote authenticated users to cause a denial of service (application crash) via a CAPABILITIES_RES_MESSAGE packet with a capabilities count larger than the capabilities_res_message array population. El dispositivo de canal Skinny (chan_skinny) en el Asterisk Open Source anterior al 1.4.10, el AsteriskNOW anterior al beta7, el Appliance Developer Kit anterior al 0.7.0 y el Appliance s800i before 1.0.3 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través del paquete CAPABILITIES_RES_MESSAGE con una capacidad de escrutinio mayor que el array capabilities_res_message de población. • http://downloads.digium.com/pub/asa/ASA-2007-019.pdf http://secunia.com/advisories/26340 http://www.securityfocus.com/bid/25228 http://www.securitytracker.com/id?1018536 http://www.vupen.com/english/advisories/2007/2808 https://exchange.xforce.ibmcloud.com/vulnerabilities/35870 •

CVSS: 5.0EPSS: 4%CPEs: 36EXPL: 0

The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port. La implementación STUN en Asterisk 1.4.x anterior a 1.4.8, AsteriskNOW anterior a beta7, Appliance Developer Kit anterior a 0.5.0, y s800i anterior a 1.0.2 permite a atacantes remotos provocar denegación de servicio (caida) a través de una longitud de atributo manipulado STUN en un paquete STUN enviado a un puerto RTP. • http://ftp.digium.com/pub/asa/ASA-2007-017.pdf http://secunia.com/advisories/26099 http://www.securityfocus.com/bid/24950 http://www.securitytracker.com/id?1018407 http://www.vupen.com/english/advisories/2007/2563 https://exchange.xforce.ibmcloud.com/vulnerabilities/35480 •