Race condition in the chan_pjsip channel driver in Asterisk Open Source 12.x prior to 12.7.1 and 13.x prior to 13.0.1 allows remote malicious users to cause a denial of service (assertion failure and crash) via a cancel request for a SIP session with a queued action to (1) answer a session or (2) send ringing.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
digium asterisk |