CVE-2022-37325
https://notcve.org/view.php?id=CVE-2022-37325
In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash. En Sangoma Asterisk hasta 16.28.0, 17.x y 18.x hasta 18.14.0, y 19.x hasta 19.6.0, un mensaje de configuración entrante a addons/ooh323c/src/ooq931.c con una persona que llama o una persona llamada con formato incorrecto IE puede provocar un bloqueo. • https://downloads.asterisk.org/pub/security/AST-2022-007.html https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html https://www.debian.org/security/2023/dsa-5358 • CWE-787: Out-of-bounds Write •
CVE-2022-42705
https://notcve.org/view.php?id=CVE-2022-42705
A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Asterisk (denial of service) by performing activity on a subscription via a reliable transport at the same time that Asterisk is also performing activity on that subscription. Un use after free en res_pjsip_pubsub.c en Sangoma Asterisk 16.28, 18.14, 19.6 y certificado/18.9-cert2 puede permitir que un atacante remoto autenticado bloquee Asterisk (denegación de servicio) al realizar actividad en una suscripción a través de un transporte confiable en al mismo tiempo que Asterisk también realiza actividad en esa suscripción. • https://downloads.asterisk.org/pub/security/AST-2022-008.html https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html https://www.debian.org/security/2023/dsa-5358 • CWE-416: Use After Free •
CVE-2022-42706
https://notcve.org/view.php?id=CVE-2022-42706
An issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1. GetConfig, via Asterisk Manager Interface, allows a connected application to access files outside of the asterisk configuration directory, aka Directory Traversal. Se descubrió un problema en Sangoma Asterisk hasta 16.28, 17 y 18 hasta 18.14, 19 hasta 19.6 y se certificó hasta 18.9-cert1. GetConfig, a través de la interfaz de Asterisk Manager, permite que una aplicación conectada acceda a archivos fuera del directorio de configuración de Asterisk, aka como Directory Traversal. • https://downloads.asterisk.org/pub/security/AST-2022-009.html https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html https://www.debian.org/security/2023/dsa-5358 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2021-46837
https://notcve.org/view.php?id=CVE-2021-46837
res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. This is a re-occurrence of the CVE-2019-15297 symptoms but not for exactly the same reason. The crash occurs because there is an append operation relative to the active topology, but this should instead be a replace operation. La función res_pjsip_t38 en Sangoma Asterisk versiones 16.x anteriores a 16.16.2, 17.x anteriores a 17.9.3, y 18.x anteriores a 18.2.2, y Certified Asterisk anteriores a 16.8-cert7, permite a un atacante desencadenar un fallo mediante el envío de una línea m=image y un puerto cero en una respuesta a una Re invitación T.38 iniciada por Asterisk. Se trata de una reaparición de los síntomas de la CVE-2019-15297 pero no exactamente por el mismo motivo. • https://downloads.asterisk.org/pub/security/AST-2021-006.html https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html https://www.debian.org/security/2022/dsa-5285 • CWE-476: NULL Pointer Dereference •
CVE-2022-26651
https://notcve.org/view.php?id=CVE-2022-26651
An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13. The func_odbc module provides possibly inadequate escaping functionality for backslash characters in SQL queries, resulting in user-provided data creating a broken SQL query or possibly a SQL injection. This is fixed in 16.25.2, 18.11.2, and 19.3.2, and 16.8-cert14. Se ha detectado un problema en Asterisk versiones hast 19.x y Certified Asterisk versiones hasta 16.8-cert13. El módulo func_odbc proporciona una funcionalidad de escape posiblemente inapropiada para los caracteres de barra invertida en las consultas SQL, resultando en que los datos proporcionados por el usuario creen una consulta SQL rota o posiblemente una inyección SQL. • http://packetstormsecurity.com/files/166746/Asterisk-Project-Security-Advisory-AST-2022-003.html https://downloads.asterisk.org/pub/security https://downloads.asterisk.org/pub/security/AST-2022-003.html https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html https://www.debian.org/security/2022/dsa-5285 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •