Описание
The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and Asterisk-Addons 1.4.x before 1.4.7 creates a remotely accessible TCP port that is intended solely for localhost communication, and interprets some TCP application-data fields as addresses of memory to free, which allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | ignored | end of life |
| intrepid | not-affected | |
| jaunty | not-affected | |
| karmic | not-affected | |
| lucid | not-affected | |
| maverick | not-affected |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and Asterisk-Addons 1.4.x before 1.4.7 creates a remotely accessible TCP port that is intended solely for localhost communication, and interprets some TCP application-data fields as addresses of memory to free, which allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets.
The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and As ...
The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and Asterisk-Addons 1.4.x before 1.4.7 creates a remotely accessible TCP port that is intended solely for localhost communication, and interprets some TCP application-data fields as addresses of memory to free, which allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets.
EPSS
5 Medium
CVSS2