Page 8 of 42 results (0.012 seconds)

CVSS: 7.8EPSS: 84%CPEs: 13EXPL: 0

Unspecified vulnerability in the SIP channel driver (channels/chan_sip.c) in Asterisk 1.2.x before 1.2.13 and 1.4.x before 1.4.0-beta3 allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors that result in the creation of "a real pvt structure" that uses more resources than necessary. Vulnerabilidad no especificada en el controlador de canal SIP (channels/chan_sip.c) en ASterisk 1.2.x anteriores a 1.2.13 y 1.4.x aneriores a 1.4.0-beta3 permite a atacantes remotos provocar una denegación de servicio (agotamiento de recursos) a través de vectores no especificados que resultan en la creación de una "estructura pvt real" que usa más recursos de los necesarios. • http://ftp.digium.com/pub/asterisk/releases/ChangeLog-1.2.13 http://secunia.com/advisories/22651 http://secunia.com/advisories/22979 http://www.asterisk.org/node/109 http://www.asterisk.org/node/110 http://www.gentoo.org/security/en/glsa/glsa-200610-15.xml http://www.novell.com/linux/security/advisories/2006_69_asterisk.html http://www.osvdb.org/29973 http://www.securityfocus.com/archive/1/449183/100/0/threaded http://www.securityfocus.com/bid/20835 http: •

CVSS: 7.5EPSS: 17%CPEs: 20EXPL: 0

Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in Asterisk 1.0 through 1.2.10 allows remote attackers to execute arbitrary code via a crafted audit endpoint (AUEP) response. Desbordamiento de búfer basado en pila en channels/chan_mgcp.c de MGCP en Asterisk 1.0 hasta 1.2.10 permite a atacantes remotos ejecutar código de su elección mediante una respuesta de fin de auditoría (audit endpoint) (AUEP) manipulada. • http://ftp.digium.com/pub/asterisk/ChangeLog-1.2.11 http://labs.musecurity.com/advisories/MU-200608-01.txt http://secunia.com/advisories/21600 http://secunia.com/advisories/22651 http://securitytracker.com/id?1016742 http://www.gentoo.org/security/en/glsa/glsa-200610-15.xml http://www.securityfocus.com/archive/1/444322/100/0/threaded http://www.securityfocus.com/bid/19683 http://www.sineapps.com/news.php?rssid=1448 http://www.vupen.com/english/advisories/2006/3372& •

CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 0

Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to (1) execute code via format string specifiers or (2) overwrite files via directory traversals involving unspecified vectors, as demonstrated by the CALLERIDNAME variable. Asterisk 1.2.10 soporta el uso de variables controladas por cliente para determinar los nombres de archivo en la función Record, lo que permite a atacantes remotos (1) ejecutar código mediante especificadores de cadena de formato o (2) sobrescribir archivos mediante saltos de directorio relacionados con vectores no especificados, como se ha demostrado mediante la variable CALLERIDNAME. • http://labs.musecurity.com/advisories/MU-200608-01.txt http://secunia.com/advisories/22651 http://securitytracker.com/id?1016742 http://www.gentoo.org/security/en/glsa/glsa-200610-15.xml http://www.securityfocus.com/archive/1/444322/100/0/threaded http://www.securityfocus.com/bid/19683 http://www.sineapps.com/news.php?rssid=1448 http://www.vupen.com/english/advisories/2006/3372 https://exchange.xforce.ibmcloud.com/vulnerabilities/28544 https://exchange.xforce.ibmcloud.com/vu •

CVSS: 7.5EPSS: 15%CPEs: 9EXPL: 0

The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via truncated IAX 2 (IAX2) video frames, which bypasses a length check and leads to a buffer overflow involving negative length check. NOTE: the vendor advisory claims that only a DoS is possible, but the original researcher is reliable. • http://secunia.com/advisories/20497 http://secunia.com/advisories/20658 http://secunia.com/advisories/20899 http://secunia.com/advisories/21222 http://securitytracker.com/id?1016236 http://www.asterisk.org/node/95 http://www.debian.org/security/2006/dsa-1126 http://www.gentoo.org/security/en/glsa/glsa-200606-15.xml http://www.novell.com/linux/security/advisories/2006_38_security.html http://www.securityfocus.com/archive/1/436127/100/0/threaded http://www.securityfoc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.4EPSS: 10%CPEs: 38EXPL: 1

Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length. • http://ftp.digium.com/pub/asterisk/releases/asterisk-1.2.7-patch.gz http://secunia.com/advisories/19800 http://secunia.com/advisories/19872 http://secunia.com/advisories/19897 http://www.cipher.org.uk/index.php?p=advisories/Asterisk_Codec_Integer_Overflow_07-04-2006.advisory http://www.debian.org/security/2006/dsa-1048 http://www.novell.com/linux/security/advisories/2006_04_28.html http://www.securityfocus.com/bid/17561 http://www.vupen.com/english/advisories/2006/1478 •