Back to search
CVE-2018-19278
Published: Nov 14, 2018
Modified: Sep 16, 2024
PUBLISHED
Description
Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed length.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://downloads.asterisk.org/pub/security/AST-2018-010.html
x_refsource_MISC
https://issues.asterisk.org/jira/browse/ASTERISK-28127
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now