An issue exists in res_pjsip_session.c in Digium Asterisk up to and including 13.38.1; 14.x, 15.x, and 16.x up to and including 16.16.0; 17.x up to and including 17.9.1; and 18.x up to and including 18.2.0, and Certified Asterisk up to and including 16.8-cert5. An SDP negotiation vulnerability in PJSIP allows a remote server to potentially crash Asterisk by sending specific SIP responses that cause an SDP negotiation failure.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
digium asterisk |
||
digium certified asterisk 16.8 |