Back to search
CVE-2018-7286
Published: Feb 22, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. res_pjsip allows remote authenticated users to crash Asterisk (segmentation fault) by sending a number of SIP INVITE messages on a TCP or TLS connection and then suddenly closing the connection.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-4320
vendor-advisory
x_refsource_DEBIAN
https://issues.asterisk.org/jira/browse/ASTERISK-27618
x_refsource_CONFIRM
http://downloads.asterisk.org/pub/security/AST-2018-005.html
x_refsource_CONFIRM
44181
exploit
x_refsource_EXPLOIT-DB
1040417
vdb-entry
x_refsource_SECTRACK
103129
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now