Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, 1.6.0.x before 1.6.0.12, and 1.6.1.x before 1.6.1.4; Asterisk Business Edition A.x.x, B.x.x before B.2.5.9, C.2.x before C.2.4.1, and C.3.x before C.3.1; and Asterisk Appliance s800i 1.2.x before 1.3.0.3 does not use a maximum width when invoking sscanf style functions, which allows remote attackers to cause a denial of service (stack memory consumption) via SIP packets containing large sequences of ASCII decimal characters, as demonstrated via vectors related to (1) the CSeq value in a SIP header, (2) large Content-Length value, and (3) SDP.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Asterisk SIP Channel Driver 'scanf' 多个远程拒绝服务漏洞
Vulnerability Description
1.2.34版本以前的Asterisk Open Source 1.2.x ,1.4.26.1以前的1.4.x , 1.6.0.12以前的1.6.0.x , 和 1.6.1.4以前的1.6.1.x 的SIP 渠道驱动程序 ; B.2.5.9以前的Asterisk Business Edition A.x.x, B.x.x, C.2.4.1以前的C.2.x before C.2.4.1, 以及C.3.1之前的 C.3.x; 还有1.3.0.3以前的Asterisk Appliance s800i 1.2.x
CVSS Information
N/A
Vulnerability Type
N/A