Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Publish/Subscribe Framework in the PJSIP channel driver in Asterisk Open Source 12.x before 12.3.1, when sub_min_expiry is set to zero, allows remote attackers to cause a denial of service (assertion failure and crash) via an unsubscribe request when not subscribed to the device.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Digium Asterisk Open Source 安全漏洞
Vulnerability Description
Digium Asterisk Open Source是美国Digium公司的一套开源的电话交换机(PBX)系统软件。该软件支持语音信箱、多方语音会议、交互式语音应答(IVR)等。 Digium Asterisk Open Source 12.3.1之前的12.x版本中的PJSIP通道驱动程序的Publish/Subscribe Framework中存在安全漏洞。程序设置‘sub_min_expiry’值为‘0’时,远程攻击者可利用该漏洞造成拒绝服务(断言失败和崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A