CVE-2020-35776
Gentoo Linux Security Advisory 202412-03
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.
Un desbordamiento del bĂșfer en el archivo res_pjsip_diversion.c en Sangoma Asterisk versiones 13.38.1, 16.15.1, 17.9.1 y 18.1.1, permite a un atacante remoto bloquear Asterisk al hacer un uso inapropiado deliberadamente de las respuestas SIP 181
If a registered user is tricked into dialing a malicious number that sends lots of 181 responses to Asterisk, each one will cause a 181 to be sent back to the original caller with an increasing number of entries in the ???Supported??? header. Eventually the number of entries in the header exceeds the size of the entry array and causes a crash.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-12-29 CVE Reserved
- 2021-02-18 CVE Published
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/fulldisclosure/2021/Feb/57 | Mailing List |
|
| URL | Date | SRC |
|---|---|---|
| https://issues.asterisk.org/jira/browse/ASTERISK-29227 | 2024-08-04 |
| URL | Date | SRC |
|---|---|---|
| http://packetstormsecurity.com/files/161470/Asterisk-Project-Security-Advisory-AST-2021-001.html | 2021-02-24 |
| URL | Date | SRC |
|---|---|---|
| https://downloads.asterisk.org/pub/security/AST-2021-001.html | 2021-02-24 | |
| https://issues.asterisk.org | 2021-02-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Digium Search vendor "Digium" | Asterisk Search vendor "Digium" for product "Asterisk" | >= 13.0.0 <= 13.38.1 Search vendor "Digium" for product "Asterisk" and version " >= 13.0.0 <= 13.38.1" | - |
Affected
| ||||||
| Digium Search vendor "Digium" | Asterisk Search vendor "Digium" for product "Asterisk" | >= 16.0.0 <= 16.15.1 Search vendor "Digium" for product "Asterisk" and version " >= 16.0.0 <= 16.15.1" | - |
Affected
| ||||||
| Digium Search vendor "Digium" | Asterisk Search vendor "Digium" for product "Asterisk" | >= 17.0.0 <= 17.9.1 Search vendor "Digium" for product "Asterisk" and version " >= 17.0.0 <= 17.9.1" | - |
Affected
| ||||||
| Digium Search vendor "Digium" | Asterisk Search vendor "Digium" for product "Asterisk" | >= 18.0 <= 18.1.1 Search vendor "Digium" for product "Asterisk" and version " >= 18.0 <= 18.1.1" | - |
Affected
| ||||||