CVSS: 9.0EPSS: 32%CPEs: 11EXPL: 0CVE-2019-18610 – Asterisk Project Security Advisory - AST-2019-007
https://notcve.org/view.php?id=CVE-2019-18610
21 Nov 2019 — An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands. Se detectó un problema en el archivo manager.c en Sangoma Asterisk versiones hasta 13.x, 16.x, 17.x y Certified Asterisk versiones 13.21 hasta 13.21-cert4. Un usuario de Asterisk Manager Interface (AM... • http://downloads.asterisk.org/pub/security/AST-2019-007.html • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 7%CPEs: 11EXPL: 0CVE-2019-18790 – Asterisk Project Security Advisory - AST-2019-006
https://notcve.org/view.php?id=CVE-2019-18790
21 Nov 2019 — An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk 13.21 before cert5. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer's name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option i... • http://downloads.asterisk.org/pub/security/AST-2019-006.html • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2019-18976 – Asterisk Project Security Advisory - AST-2019-008
https://notcve.org/view.php?id=CVE-2019-18976
21 Nov 2019 — An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940. Se detectó un problema en el archivo res_pjsip_t38.c en Sangoma Asterisk versiones hasta 13.x y Certified Asterisk versiones hasta 13.21-x. Si recibe una nueva invitación para iniciar el envío de faxes T.38 y tie... • http://downloads.asterisk.org/pub/security/AST-2019-008.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 8%CPEs: 2EXPL: 0CVE-2019-15639 – Asterisk Project Security Advisory - AST-2019-005
https://notcve.org/view.php?id=CVE-2019-15639
05 Sep 2019 — main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario. El archivo main/translate.c en Sangoma Asterisk versiones 13.28.0 y 16.5.0, permite a un atacante remoto enviar un paquete RTP específico durante una llamada y causar un bloqueo en un escenario específico. When audio frames are given to the audio transcoding support in Asterisk the number of samples are examined and as part of this a message i... • http://downloads.asterisk.org/pub/security/AST-2019-005.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 19%CPEs: 8EXPL: 0CVE-2019-12827 – Asterisk Project Security Advisory - AST-2019-002
https://notcve.org/view.php?id=CVE-2019-12827
12 Jul 2019 — Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message. Desbordamiento de búfer en res_pjsip_messaging en Digium Asterisk versiones 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 versiones anteriores permite a los atacantes remotos autenticados cerrar inesperadamente Asterisk enviando un mensaje SIP MESSAGE especialmente diseñado. A specially crafted SIP i... • http://downloads.digium.com/pub/security/AST-2019-002.html • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 2%CPEs: 217EXPL: 0CVE-2019-13161 – Asterisk Project Security Advisory - AST-2019-003
https://notcve.org/view.php?id=CVE-2019-13161
12 Jul 2019 — An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to an outgoing T.38 re-invite. To exploit this vulnerability an attacker must cause the chan_sip module to send a T.38 re-invite request to them. Upon receipt, the attacker must send an SDP answer containing both a T.3... • http://downloads.digium.com/pub/security/AST-2019-003.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 80%CPEs: 33EXPL: 0CVE-2018-17281 – Asterisk Project Security Advisory - AST-2018-010
https://notcve.org/view.php?id=CVE-2018-17281
20 Sep 2018 — There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connection to a websocket. Hay una vulnerabilidad de consumo de pila en el módulo res_http_websocket.so de Asterisk hasta la versión 13.23.0; versiones 14.7.x anteriores a la 14.7.7 y las versiones 15.x anteriores a la 15... • http://downloads.asterisk.org/pub/security/AST-2018-009.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 1%CPEs: 8EXPL: 0CVE-2018-12227 – Gentoo Linux Security Advisory 201811-11
https://notcve.org/view.php?id=CVE-2018-12227
12 Jun 2018 — An issue was discovered in Asterisk Open Source 13.x before 13.21.1, 14.x before 14.7.7, and 15.x before 15.4.1 and Certified Asterisk 13.18-cert before 13.18-cert4 and 13.21-cert before 13.21-cert2. When endpoint specific ACL rules block a SIP request, they respond with a 403 forbidden. However, if an endpoint is not identified, then a 401 unauthorized response is sent. This vulnerability just discloses which requests hit a defined endpoint. The ACL rules cannot be bypassed to gain access to the disclosed ... • http://downloads.asterisk.org/pub/security/AST-2018-008.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 73%CPEs: 7EXPL: 3CVE-2018-7284 – Asterisk chan_pjsip 15.2.0 - 'SUBSCRIBE' Stack Corruption
https://notcve.org/view.php?id=CVE-2018-7284
22 Feb 2018 — A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. This code did not limit the number of headers it processed, despite having a fixed limit of 32. If more than 32 Accept headers were present, the code would write outside of its memory and cause a crash. Se ha descub... • https://packetstorm.news/files/id/146577 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 72%CPEs: 7EXPL: 0CVE-2017-17850 – Gentoo Linux Security Advisory 201811-11
https://notcve.org/view.php?id=CVE-2017-17850
23 Dec 2017 — An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and older, 15.1.4 and older, and 13.18-cert1 and older. A select set of SIP messages create a dialog in Asterisk. Those SIP messages must contain a contact header. For those messages, if the header was not present and the PJSIP channel driver was used, Asterisk would crash. The severity of this vulnerability is somewhat mitigated if authentication is enabled. • http://downloads.asterisk.org/pub/security/AST-2017-014.html • CWE-20: Improper Input Validation •