An issue exists in Asterisk up to and including 13.19.1, 14.x up to and including 14.7.5, and 15.x up to and including 15.2.1, and Certified Asterisk up to and including 13.18-cert2. res_pjsip allows remote authenticated users to crash Asterisk (segmentation fault) by sending a number of SIP INVITE messages on a TCP or TLS connection and then suddenly closing the connection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
digium asterisk |
||
digium asterisk 13.19.1 |
||
digium certified asterisk |
||
debian debian linux 9.0 |