Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The SIP channel module in Yet Another Telephony Engine (Yate) before 1.2.0 sets the caller_info_uri parameter using an incorrect variable that can be NULL, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a Call-Info header without a purpose parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SIP协议中 channel模块 caller_info_uri参数远程拒绝服务漏洞
Vulnerability Description
Yet Another Telephony Engine (Yate) 中的SIP channel模块会使用一个不正确的变量,设置caller_info_uri参数,这使得远程攻击者可以借助一个没有目标参数的Call-Info头,引起拒绝服务攻击(空指针引用和应用程序崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A