Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession. This is caused by a signedness comparison mismatch.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Digium Certified Asterisk 缓冲区错误漏洞
Vulnerability Description
Digium Certified Asterisk是美国Digium公司的一套开源的电话交换机(PBX)系统软件。该软件支持语音信箱、多方语音会议、交互式语音应答(IVR)等。 Digium Certified Asterisk 中存在缓冲区错误漏洞。该漏洞源于asterisk.c中的符号比较不匹配导致产品在内存上执行操作时,未正确验证数据边界。攻击者可通过快速连续发送多个保留/取消保留请求导致应用崩溃。以下产品及版本受到影响:Sangoma Asterisk 16.16.1 之前版本, Sangoma
CVSS Information
N/A
Vulnerability Type
N/A