Download
| Alert*
|
oval:org.secpod.oval:def:1800155
CVE-2017-14098: Remote Crash Vulnerability in res_pjsip Fixed In Version: asterisk 13.17.1, asterisk 14.6.1 oval:org.secpod.oval:def:1800000 A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. Reference oval:org.secpod.oval:def:1900264 In res/res_rtp_asterisk.c in Asterisk 11.x before 11.25.2, 13.x before13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before11.6-cert17 and 13.x before 13.13-cert5, unauthorized data disclosure is possible with careful tilibming-dev by an attacker. The "strictrtp" option in rtp.conf enab ... oval:org.secpod.oval:def:44779 CVE-2017-14099: Media takeover in RTP stack Fixed In Version:¶ asterisk 13.17.1, asterisk 14.6.1 oval:org.secpod.oval:def:53128 Multiple vulnerabilities have been discovered in Asterisk, an open source PBX and telephony toolkit, which may result in disclosure of RTP connections or the execution of arbitrary shell commands oval:org.secpod.oval:def:603089 Multiple vulnerabilities have been discovered in Asterisk, an open source PBX and telephony toolkit, which may result in disclosure of RTP connections or the execution of arbitrary shell commands |
