Multiple stack-based buffer overflows in the process_sdp function in chan_sip.c of the SIP channel T.38 SDP parser in Asterisk prior to 1.4.3 allow remote malicious users to execute arbitrary code via a long (1) T38FaxRateManagement or (2) T38FaxUdpEC SDP parameter in an SIP message, as demonstrated using SIP INVITE.
Vulnerable Product |
---|
asterisk asterisk 1.4.1 |
asterisk asterisk 1.4.2 |
asterisk asterisk 1.4_beta |
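
A bounded way to read the two SDP attributes named in the description, rejecting an over-long value instead of copying it into a fixed stack buffer. This is an added example, not Asterisk's code or its fix; the function names, the `T38_VALUE_MAX` limit and the sample lines are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Constructed limit for this example; not a value taken from Asterisk. */
#define T38_VALUE_MAX 32

enum t38_parse { T38_NO_MATCH = 0, T38_OK = 1, T38_TOO_LONG = -1 };

/*
 * Hypothetical helper: if `line` is "a=<name>:<value>", copy <value> into
 * out[outsz]. The value ends at the first space, CR, LF or NUL. A value that
 * does not fit is rejected, never truncated and never written past `out`.
 */
static enum t38_parse t38_attr_value(const char *line, const char *name,
                                     char *out, size_t outsz)
{
    size_t nlen = strlen(name);
    size_t vlen;

    if (outsz == 0)
        return T38_TOO_LONG;
    out[0] = '\0';
    if (strncmp(line, "a=", 2) != 0 ||
        strncmp(line + 2, name, nlen) != 0 || line[2 + nlen] != ':')
        return T38_NO_MATCH;

    line += 2 + nlen + 1;
    vlen = strcspn(line, " \r\n");   /* measure the token before copying */
    if (vlen >= outsz)
        return T38_TOO_LONG;         /* caller should reject the SDP body */
    memcpy(out, line, vlen);
    out[vlen] = '\0';
    return T38_OK;
}

/* Try both T.38 attributes named in the advisory text. */
static enum t38_parse t38_parse_line(const char *line, char *out, size_t outsz)
{
    enum t38_parse r = t38_attr_value(line, "T38FaxRateManagement", out, outsz);
    if (r == T38_NO_MATCH)
        r = t38_attr_value(line, "T38FaxUdpEC", out, outsz);
    return r;
}

int main(void)
{
    char v[T38_VALUE_MAX];           /* constructed sample line below */
    return t38_parse_line("a=T38FaxUdpEC:t38UDPRedundancy\r\n", v, sizeof v) == T38_OK ? 0 : 1;
}
```

The length is measured with `strcspn` before any byte is written, so the destination size, not the sender, decides how much is copied.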