Описание
A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.
Ссылки
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
- Issue TrackingVendor Advisory
- ExploitIssue TrackingPatchVendor Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
- Issue TrackingVendor Advisory
- ExploitIssue TrackingPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 13.0.0 (включая) до 13.38.1 (включая)Версия от 16.0.0 (включая) до 16.15.1 (включая)Версия от 17.0.0 (включая) до 17.9.1 (включая)Версия от 18.0 (включая) до 18.1.1 (включая)
Одно из
cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00085
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-120
Связанные уязвимости
CVSS3: 6.5
ubuntu
почти 5 лет назад
A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.
CVSS3: 6.5
debian
почти 5 лет назад
A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk version ...
github
больше 3 лет назад
A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 allows remote attacker to crash Asterisk by deliberately misusing SIP 181 responses.
EPSS
Процентиль: 25%
0.00085
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-120