Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x prior to 15.6.2 and 16.x prior to 16.0.1 allows remote malicious users to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed length.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
digium asterisk 15.6.0 |
||
digium asterisk 15.5.0 |
||
digium asterisk 15.4.0 |
||
digium asterisk 15.2.1 |
||
digium asterisk 15.1.4 |
||
digium asterisk 15.1.2 |
||
digium asterisk 15.3.0 |
||
digium asterisk 15.1.0 |
||
digium asterisk 15.0.0 |
||
digium asterisk 16.0.1 |
||
digium asterisk 16.0.0 |
||
digium asterisk 15.2.2 |
||
digium asterisk 15.2.0 |
||
digium asterisk 15.1.5 |
||
digium asterisk 15.6.1 |
||
digium asterisk 15.4.1 |
||
digium asterisk 15.1.3 |
Vulmon