CVSS: 5.3EPSS: 0%CPEs: 16EXPL: 1CVE-2020-28327
https://notcve.org/view.php?id=CVE-2020-28327
A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending on some off-nominal circumstances and timing, it was possible for another thread to free said dialog in this gap. Asterisk could then crash when the dialog object, or any of its dependent objects, were dereferenced or accessed next by the initial-creation thread. • http://downloads.asterisk.org/pub/security/AST-2020-001.html https://issues.asterisk.org/jira/browse/ASTERISK-29057 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.5EPSS: 6%CPEs: 7EXPL: 0CVE-2019-18976
https://notcve.org/view.php?id=CVE-2019-18976
An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940. Se detectó un problema en el archivo res_pjsip_t38.c en Sangoma Asterisk versiones hasta 13.x y Certified Asterisk versiones hasta 13.21-x. Si recibe una nueva invitación para iniciar el envío de faxes T.38 y tiene un puerto de 0 y sin línea c en el SDP, se producirá una desreferencia del puntero NULL y un bloqueo. • http://downloads.asterisk.org/pub/security/AST-2019-008.html https://lists.debian.org/debian-lts-announce/2022/04/msg00001.html https://packetstormsecurity.com/files/155436/Asterisk-Project-Security-Advisory-AST-2019-008.html https://seclists.org/fulldisclosure/2019/Nov/20 https://www.asterisk.org/downloads/security-advisories https://www.cybersecurity-help.cz/vdb/SB2019112218?affChecked=1 • CWE-476: NULL Pointer Dereference •
CVSS: 9.0EPSS: 77%CPEs: 11EXPL: 0CVE-2019-18610
https://notcve.org/view.php?id=CVE-2019-18610
An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands. Se detectó un problema en el archivo manager.c en Sangoma Asterisk versiones hasta 13.x, 16.x, 17.x y Certified Asterisk versiones 13.21 hasta 13.21-cert4. Un usuario de Asterisk Manager Interface (AMI) autenticado remoto sin autorización del sistema podría usar una petición Originate AMI especialmente diseñada para ejecutar comandos arbitrarios del sistema. • http://downloads.asterisk.org/pub/security/AST-2019-007.html https://lists.debian.org/debian-lts-announce/2019/11/msg00038.html https://lists.debian.org/debian-lts-announce/2022/04/msg00001.html https://www.asterisk.org/downloads/security-advisories • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 0CVE-2019-18790
https://notcve.org/view.php?id=CVE-2019-18790
An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk 13.21 before cert5. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer's name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport. • http://downloads.asterisk.org/pub/security/AST-2019-006.html https://lists.debian.org/debian-lts-announce/2019/11/msg00038.html https://lists.debian.org/debian-lts-announce/2022/04/msg00001.html https://www.asterisk.org/downloads/security-advisories • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-15639
https://notcve.org/view.php?id=CVE-2019-15639
main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario. El archivo main/translate.c en Sangoma Asterisk versiones 13.28.0 y 16.5.0, permite a un atacante remoto enviar un paquete RTP específico durante una llamada y causar un bloqueo en un escenario específico. • http://downloads.asterisk.org/pub/security/AST-2019-005.html http://packetstormsecurity.com/files/154372/Asterisk-Project-Security-Advisory-AST-2019-005.html • CWE-20: Improper Input Validation •