Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Asterisk SIP channel驱动远程拒绝服务漏洞
Vulnerability Description
Asterisk是一款PBX系统软件,支持SIP、IAX、H323协议。 Asterisk处理带有畸形数据的请求时存在漏洞,远程攻击者可能利用此漏洞导致设备不可用。 当Asterisk试图以Also方式传输BYE消息时,由于将数据拷贝到了空指针,因此系统会立即崩溃。如果要利用这个漏洞,攻击者必须首先已经建立了对话。
CVSS Information
N/A
Vulnerability Type
N/A