Advisories

CVE-2018-8828 - Kamailio 5.1.1 / 5.1.0 / 5.0.0 Heap Overflow

Kamailio versions 5.1.1, 5.1.0, and 5.0.0 suffer from an off-by-one heap overflow vulnerability

Asterisk 15.2.0 chan_pjsip INVITE Denial Of Service

Asterisk running chan_pjsip suffers from an INVITE message denial of service vulnerability. Versions affected include Versions affected include 15.2.0, 15.1.0, 15.0.0, 13.19.0, 13.11.2, and 14.7.5.

Asterisk 15.2.0 chan_pjsip SDP Media Format Denial Of Service

Asterisk running chan_pjsip suffers from an SDP message related denial of service vulnerability. Versions affected include 13.10.0, 15.1.3, 15.1.4, 15.1.5, and 15.2.0.

Asterisk 15.2.0 chan_pjsip SDP fmtp Denial Of Service

Asterisk version 15.2.0 running chan_pjsip suffers from an SDP message related denial of service vulnerability.

Asterisk 15.2.0 chan_pjsip SUBSCRIBE Stack Corruption

Asterisk running chan_pjsip suffers from a SUBSCRIBE message stack corruption vulnerability. Vulnerable versions include 15.2.0, 13.19.0, 14.7.5, and 13.11.2.

Asterisk 14.4.0 PJSIP 2.6 Denial Of Service

Out of bound memory access in PJSIP multipart parser crashes Asterisk

Asterisk 14.4.0 PJSIP 2.6 Heap Overflow

Heap overflow in CSEQ header parsing affects Asterisk chan_pjsip and PJSIP

Asterisk 14.4.0 Skinny Denial Of Service

Asterisk Skinny memory exhaustion vulnerability leads to DoS