Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service (file descriptor consumption) via an SDP offer containing only incompatible codecs.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Digium Asterisk Open Source 资源管理错误漏洞
Vulnerability Description
Digium Asterisk Open Source是美国Digium公司的一套开源的电话交换机(PBX)系统软件。该软件支持语音信箱、多方语音会议、交互式语音应答(IVR)等。 Digium Asterisk Open Source 12.8.1之前12.x版本和13.1.1之前13.x版本中存在安全漏洞,该漏洞源于程序使用PJSIP通道驱动程序时,没有正确回收RTP端口资源。远程攻击者可借助带有不兼容解码器的SDP offer利用该漏洞造成拒绝服务(文件描述符消耗)。
CVSS Information
N/A
Vulnerability Type
N/A