CVE-2020-35776

Опубликовано: 18 фев. 2021

Источник: debian

EPSS Низкий

Описание

A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
asterisk	fixed	1:16.16.1~dfsg-1		package
asterisk	postponed		buster	package
asterisk	no-dsa		stretch	package

Примечания

https://downloads.asterisk.org/pub/security/AST-2021-001.html
https://issues.asterisk.org/jira/browse/ASTERISK-29227

EPSS

Процентиль: 25%

0.00085

Низкий

Связанные уязвимости

CVE-2020-35776

CVSS3: 6.5

ubuntu

почти 5 лет назад

A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.

CVE-2020-35776

CVSS3: 6.5

nvd

почти 5 лет назад

A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.

GHSA-4ch3-ggx2-34pj

github

больше 3 лет назад

A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.

EPSS

Процентиль: 25%

0.00085

Низкий