CVE-2017-14098: CVE-2017-14098

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-14098

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the pjsip channel driver (res_pjsip) in Asterisk 13.x before 13.17.1 and 14.x before 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could cause Asterisk to crash.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Digium Asterisk pjsip channel driver (res_pjsip) 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Digium Asterisk是美国Digium公司的一套开源的电话交换机（PBX）系统软件。该软件支持语音信箱、多方语音会议、交互式语音应答(IVR)等。pjsip channel driver(res_pjsip)是其中的一个pjsip驱动程序。 Digium Asterisk 13.17.1之前的13.x版本和14.6.1之前的14.x版本中的pjsip channel driver (res_pjsip)存在安全漏洞。攻击者可借助From、To或Contact包头中特制的tel URI利用该漏洞造

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2017-14098

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-14098

Please Login to view more intelligence information

https://issues.asterisk.org/jira/browse/ASTERISK-27152x_refsource_CONFIRM
https://bugs.debian.org/873909x_refsource_CONFIRM
http://downloads.asterisk.org/pub/security/AST-2017-007.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/100583vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1039253vdb-entryx_refsource_SECTRACK
https://nvd.nist.gov/vuln/detail/CVE-2017-14098

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2017-14098

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2017-14098

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-14098

III. Intelligence Information for CVE-2017-14098

New Vulnerabilities

V. Comments for CVE-2017-14098

Leave a comment