Описание
PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (buffer overflow and application crash) via a SIP packet with a crafted CSeq header in conjunction with a Via header that lacks a branch parameter.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 2.6~dfsg-2 |
| devel | not-affected | 2.6~dfsg-2 |
| esm-apps/xenial | released | 2.1.0.0.ast20130823-1+deb8u1build0.16.04.1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [2.1.0.0.ast20130823-1+deb8u1build0.14.04.1]] |
| precise/esm | DNE | |
| trusty | released | 2.1.0.0.ast20130823-1+deb8u1build0.14.04.1 |
| trusty/esm | DNE | trusty was released [2.1.0.0.ast20130823-1+deb8u1build0.14.04.1] |
| upstream | released | 2.5.5~dfsg-6 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (buffer overflow and application crash) via a SIP packet with a crafted CSeq header in conjunction with a Via header that lacks a branch parameter.
PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x be ...
PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attackers to cause a denial of service (buffer overflow and application crash) via a SIP packet with a crafted CSeq header in conjunction with a Via header that lacks a branch parameter.
EPSS
5 Medium
CVSS2
7.5 High
CVSS3