NA

CVE-2019-12827

Published: 12/07/2019 Updated: 14/07/2019

Vulnerability Summary

Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and previous versions allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.

Vulnerability Trend

Vendor Advisories

Debian Bug report logs - #931981 asterisk: CVE-2019-13161: AST-2019-003: Remote Crash Vulnerability in chan_sip channel driver Package: asterisk; Maintainer for asterisk is Debian VoIP Team <pkg-voip-maintainers@listsaliothdebianorg>; Source for asterisk is src:asterisk (PTS, buildd, popcon) Reported by: Salvatore Bonacco ...
Debian Bug report logs - #931980 asterisk: CVE-2019-12827: AST-2019-002: Remote crash vulnerability with MESSAGE messages Package: asterisk; Maintainer for asterisk is Debian VoIP Team <pkg-voip-maintainers@listsaliothdebianorg>; Source for asterisk is src:asterisk (PTS, buildd, popcon) Reported by: Salvatore Bonaccorso & ...

Mailing Lists

Asterisk Project Security Advisory - AST-2019-002 Product Asterisk Summary Remote crash vulnerability with MESSAGE messages Nature of Advisory Denial Of Service Susceptibility Remote Authenticated Sessions ...
Asterisk Project Security Advisory - AST-2019-002 Product Asterisk Summary Remote crash vulnerability with MESSAGE messages Nature of Advisory Denial Of Service Susceptibility Remote Authenticated Sessions ...