FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
e60d9e65-3f6b-11e4-ad16-001999f8d30basterisk -- Remotely triggered crash

The Asterisk project reports:

When an out of call message - delivered by either the SIP or PJSIP channel driver or the XMPP stack - is handled in Asterisk, a crash can occur if the channel servicing the message is sent into the ReceiveFax dialplan application while using the res_fax_spandsp module.

Note that this crash does not occur when using the res_fax_digium module. While this crash technically occurs due to a configuration issue, as attempting to receive a fax from a channel driver that only contains textual information will never succeed, the likelihood of having it occur is sufficiently high as to warrant this advisory.


Discovery 2014-09-05
Entry 2014-09-18
asterisk11
< 11.12.1

http://downloads.asterisk.org/pub/security/AST-2014-010.pdf
https://issues.asterisk.org/jira/browse/ASTERISK-24301
https://www.asterisk.org/security