Описание
The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does not properly null terminate data, which allows remote attackers to trigger loss of transmitted data, and possibly obtain sensitive information (memory contents) or cause a denial of service (application crash), by sending a frame that lacks a 0 byte.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 1.4.11~dfsg-1 |
| edgy | ignored | end of life, was needed |
| feisty | ignored | end of life, was needed |
| gutsy | released | 1.4.11~dfsg-1 |
| hardy | released | 1.4.11~dfsg-1 |
| intrepid | released | 1.4.11~dfsg-1 |
| jaunty | released | 1.4.11~dfsg-1 |
| karmic | released | 1.4.11~dfsg-1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
10 Critical
CVSS2
Связанные уязвимости
The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does not properly null terminate data, which allows remote attackers to trigger loss of transmitted data, and possibly obtain sensitive information (memory contents) or cause a denial of service (application crash), by sending a frame that lacks a 0 byte.
The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does n ...
The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does not properly null terminate data, which allows remote attackers to trigger loss of transmitted data, and possibly obtain sensitive information (memory contents) or cause a denial of service (application crash), by sending a frame that lacks a 0 byte.
EPSS
10 Critical
CVSS2