CVE-2022-37325
https://notcve.org/view.php?id=CVE-2022-37325
In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash. En Sangoma Asterisk hasta 16.28.0, 17.x y 18.x hasta 18.14.0, y 19.x hasta 19.6.0, un mensaje de configuración entrante a addons/ooh323c/src/ooq931.c con una persona que llama o una persona llamada con formato incorrecto IE puede provocar un bloqueo. • https://downloads.asterisk.org/pub/security/AST-2022-007.html https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html https://www.debian.org/security/2023/dsa-5358 • CWE-787: Out-of-bounds Write •
CVE-2022-42705
https://notcve.org/view.php?id=CVE-2022-42705
A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Asterisk (denial of service) by performing activity on a subscription via a reliable transport at the same time that Asterisk is also performing activity on that subscription. Un use after free en res_pjsip_pubsub.c en Sangoma Asterisk 16.28, 18.14, 19.6 y certificado/18.9-cert2 puede permitir que un atacante remoto autenticado bloquee Asterisk (denegación de servicio) al realizar actividad en una suscripción a través de un transporte confiable en al mismo tiempo que Asterisk también realiza actividad en esa suscripción. • https://downloads.asterisk.org/pub/security/AST-2022-008.html https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html https://www.debian.org/security/2023/dsa-5358 • CWE-416: Use After Free •
CVE-2022-42706
https://notcve.org/view.php?id=CVE-2022-42706
An issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1. GetConfig, via Asterisk Manager Interface, allows a connected application to access files outside of the asterisk configuration directory, aka Directory Traversal. Se descubrió un problema en Sangoma Asterisk hasta 16.28, 17 y 18 hasta 18.14, 19 hasta 19.6 y se certificó hasta 18.9-cert1. GetConfig, a través de la interfaz de Asterisk Manager, permite que una aplicación conectada acceda a archivos fuera del directorio de configuración de Asterisk, aka como Directory Traversal. • https://downloads.asterisk.org/pub/security/AST-2022-009.html https://lists.debian.org/debian-lts-announce/2023/02/msg00029.html https://www.debian.org/security/2023/dsa-5358 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2022-23608 – Use after free in PJSIP
https://notcve.org/view.php?id=CVE-2022-23608
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can potentially be prematurely freed when one of the dialogs is destroyed . The issue may cause a dialog set to be registered in the hash table multiple times (with different hash keys) leading to undefined behavior such as dialog list collision which eventually leading to endless loop. A patch is available in commit db3235953baa56d2fb0e276ca510fefca751643f which will be included in the next release. There are no known workarounds for this issue. • http://packetstormsecurity.com/files/166226/Asterisk-Project-Security-Advisory-AST-2022-005.html http://seclists.org/fulldisclosure/2022/Mar/1 https://github.com/pjsip/pjproject/commit/db3235953baa56d2fb0e276ca510fefca751643f https://github.com/pjsip/pjproject/security/advisories/GHSA-ffff-m5fm-qm62 https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html https://lists.debian.org/debian-lts-announce/2022/03/msg00040.html https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html https:/ • CWE-416: Use After Free •
CVE-2021-45310
https://notcve.org/view.php?id=CVE-2021-45310
Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information disclosure vulnerability due to an improper access restriction. Users information such as first name, last name, acount id, server uuid, email address, profile image, number, timestamps, etc can be extracted by sending an unauthenticated HTTP GET request to the https://Switchvox-IP/main?cmd=invalid_browser. Sangoma Technologies Corporation Switchvox versión 102409, está afectada por una vulnerabilidad de divulgación de información debido a una restricción de acceso inapropiada. La información de usuarios, como el nombre, el apellido, el id de la cuenta, el uuid del servidor, la dirección de correo electrónico, la imagen del perfil, el número, las marcas de tiempo, etc., puede extraerse mediante el envío de una petición HTTP GET no autenticada a la dirección https://Switchvox-IP/main? • https://github.com/IthacaLabs/Sangoma/tree/main/Switchvox_Version%20102409 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •