Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1.0 allows remote authenticated users to cause a denial of service (crash) via a SUBSCRIBE request without any Accept headers, which triggers an invalid pointer dereference.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Digium Asterisk Open Source 输入验证漏洞
Vulnerability Description
Digium Asterisk是美国Digium公司的一套开源的电话交换机(PBX)系统软件。该软件支持语音信箱、多方语音会议、交互式语音应答(IVR)等。 Digium Asterisk Open Source 12.1.0之前的12.x版本中的PJSIP Channel驱动程序的res/res_pjsip_exten_state.c文件存在安全漏洞。远程攻击者可通过发送没有任何Accept头部信息的SUBSCRIBE请求利用该漏洞造成拒绝服务(崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A