FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  567419
Date:      2021-03-05
Time:      21:18:20Z
Committer: mfechner

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
03159886-a8a3-11e3-8f36-0025905a4771asterisk -- multiple vulnerabilities

The Asterisk project reports:

Stack Overflow in HTTP Processing of Cookie Headers. Sending a HTTP request that is handled by Asterisk with a large number of Cookie headers could overflow the stack. You could even exhaust memory if you sent an unlimited number of headers in the request.

Denial of Service Through File Descriptor Exhaustion with chan_sip Session-Timers. An attacker can use all available file descriptors using SIP INVITE requests. Asterisk will respond with code 400, 420, or 422 for INVITEs meeting this criteria. Each INVITE meeting these conditions will leak a channel and several file descriptors. The file descriptors cannot be released without restarting Asterisk which may allow intrusion detection systems to be bypassed by sending the requests slowly.

Remote Crash Vulnerability in PJSIP channel driver. A remotely exploitable crash vulnerability exists in the PJSIP channel driver if the "qualify_frequency" configuration option is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS request. The response handling code wrongly assumes that a PJSIP endpoint will always be associated with an outgoing request which is incorrect.


Discovery 2014-03-10
Entry 2014-03-10
asterisk11
lt 11.8.1

asterisk18
lt 1.8.26.1

CVE-2014-2286
CVE-2014-2287
CVE-2014-2288
http://downloads.asterisk.org/pub/security/AST-2014-001.pdf
http://downloads.asterisk.org/pub/security/AST-2014-002.pdf
http://downloads.asterisk.org/pub/security/AST-2014-003.pdf
https://www.asterisk.org/security
0c39bafc-6771-11e3-868f-0025905a4771asterisk -- multiple vulnerabilities

The Asterisk project reports:

A 16 bit SMS message that contains an odd message length value will cause the message decoding loop to run forever. The message buffer is not on the stack but will be overflowed resulting in corrupted memory and an immediate crash.

External control protocols, such as the Asterisk Manager Interface, often have the ability to get and set channel variables; this allows the execution of dialplan functions. Dialplan functions within Asterisk are incredibly powerful, which is wonderful for building applications using Asterisk. But during the read or write execution, certain diaplan functions do much more. For example, reading the SHELL() function can execute arbitrary commands on the system Asterisk is running on. Writing to the FILE() function can change any file that Asterisk has write access to. When these functions are executed from an external protocol, that execution could result in a privilege escalation.


Discovery 2013-12-16
Entry 2013-12-17
asterisk10
lt 10.12.4

asterisk11
lt 11.6.1

asterisk18
lt 1.8.24.1

CVE-2013-7100
http://downloads.asterisk.org/pub/security/AST-2013-006.pdf
http://downloads.asterisk.org/pub/security/AST-2013-007.pdf
https://www.asterisk.org/security
0d530174-6eef-11e1-afd6-14dae9ebcf89asterisk -- multiple vulnerabilities

Asterisk project reports:

Stack Buffer Overflow in HTTP Manager

Remote Crash Vulnerability in Milliwatt Application


Discovery 2012-03-15
Entry 2012-03-15
asterisk14
gt 1.4.* lt 1.4.44

asterisk16
gt 1.6.* lt 1.6.2.23

asterisk18
gt 1.8.* lt 1.8.10.1

asterisk10
gt 10.* lt 10.2.1

http://downloads.asterisk.org/pub/security/AST-2012-002.html
http://downloads.asterisk.org/pub/security/AST-2012-003.html
1c5abbe2-8d7f-11e1-a374-14dae9ebcf89asterisk -- multiple vulnerabilities

Asterisk project reports:

Remote Crash Vulnerability in SIP Channel Driver

Heap Buffer Overflow in Skinny Channel Driver

Asterisk Manager User Unauthorized Shell Access


Discovery 2012-04-23
Entry 2012-04-23
asterisk16
gt 1.6.* lt 1.6.2.24

asterisk18
gt 1.8.* lt 1.8.11.1

asterisk10
gt 10.* lt 10.3.1

http://downloads.digium.com/pub/security/AST-2012-004.html
CVE-2012-2414
http://downloads.digium.com/pub/security/AST-2012-005.html
CVE-2012-2415
http://downloads.digium.com/pub/security/AST-2012-006.html
CVE-2012-2416
29b7f0be-1fb7-11eb-b9d4-001999f8d30basterisk -- Outbound INVITE loop on challenge with different nonce

The Asterisk project reports:

If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound authentication must be configured on the endpoint for this to occur.


Discovery 2020-11-05
Entry 2020-11-05
asterisk13
lt 13.37.1

asterisk16
lt 16.14.1

asterisk18
lt 18.0.1

https://downloads.asterisk.org/pub/security/AST-2020-002.html
34ce5817-8d56-11e0-b5a2-6c626dd55a41asterisk -- Remote crash vulnerability

The Asterisk Development Team reports:

If a remote user initiates a SIP call and the recipient picks up, the remote user can reply with a malformed Contact header that Asterisk will improperly handle and cause a crash due to a segmentation fault.


Discovery 2011-06-02
Entry 2011-06-02
asterisk18
gt 1.8.* lt 1.8.4.2

CVE-2011-2216
http://downloads.asterisk.org/pub/security/AST-2011-007.pdf
359f615d-a9e1-11e1-8a66-14dae9ebcf89asterisk -- multiple vulnerabilities

Asterisk project reports:

Remote crash vulnerability in IAX2 channel driver.

Skinny Channel Driver Remote Crash Vulnerability


Discovery 2012-05-29
Entry 2012-05-29
Modified 2012-05-29
asterisk16
gt 1.6.* le 1.6.2.24

asterisk18
gt 1.8.* lt 1.8.12.1

asterisk10
gt 10.* lt 10.4.1

CVE-2012-2947
http://downloads.digium.com/pub/security/AST-2012-007.html
CVE-2012-2948
http://downloads.digium.com/pub/security/AST-2012-008.html
https://www.asterisk.org/security
3c7d565a-6c64-11e0-813a-6c626dd55a41Asterisk -- multiple vulnerabilities

The Asterisk Development Team reports:

It is possible for a user of the Asterisk Manager Interface to bypass a security check and execute shell commands when they should not have that ability. Sending the "Async" header with the "Application" header during an Originate action, allows authenticated manager users to execute shell commands. Only users with the "system" privilege should be able to do this.

On systems that have the Asterisk Manager Interface, Skinny, SIP over TCP, or the built in HTTP server enabled, it is possible for an attacker to open as many connections to asterisk as he wishes. This will cause Asterisk to run out of available file descriptors and stop processing any new calls. Additionally, disk space can be exhausted as Asterisk logs failures to open new file descriptors.


Discovery 2011-04-21
Entry 2011-04-21
asterisk14
gt 1.4.* lt 1.4.40.1

asterisk16
gt 1.6.* lt 1.6.2.17.3

asterisk18
gt 1.8.* lt 1.8.3.3

CVE-2011-1507
http://downloads.asterisk.org/pub/security/AST-2011-005.pdf
http://downloads.asterisk.org/pub/security/AST-2011-006.pdf
40544e8c-9f7b-11e0-9bec-6c626dd55a41Asterisk -- multiple vulnerabilities

The Asterisk Development Team reports:

AST-2011-008: If a remote user sends a SIP packet containing a NULL, Asterisk assumes available data extends past the null to the end of the packet when the buffer is actually truncated when copied. This causes SIP header parsing to modify data past the end of the buffer altering unrelated memory structures. This vulnerability does not affect TCP/TLS connections.

AST-2011-009: A remote user sending a SIP packet containing a Contact header with a missing left angle bracket causes Asterisk to access a null pointer.

AST-2011-010: A memory address was inadvertently transmitted over the network via IAX2 via an option control frame and the remote party would try to access it.

Possible enumeration of SIP users due to differing authentication responses.


Discovery 2011-06-24
Entry 2011-06-25
Modified 2011-06-29
asterisk14
gt 1.4.* lt 1.4.41.2

asterisk16
gt 1.6.* lt 1.6.2.18.2

asterisk18
gt 1.8.* lt 1.8.4.4

CVE-2011-2529
CVE-2011-2535
CVE-2011-2536
http://downloads.asterisk.org/pub/security/AST-2011-008.html
http://downloads.asterisk.org/pub/security/AST-2011-009.html
http://downloads.asterisk.org/pub/security/AST-2011-010.html
http://downloads.asterisk.org/pub/security/AST-2011-011.html
4c1ac2dd-c788-11e1-be25-14dae9ebcf89asterisk -- multiple vulnerabilities

Asterisk project reports:

Possible resource leak on uncompleted re-invite transactions.

Remote crash vulnerability in voice mail application.


Discovery 2012-07-05
Entry 2012-07-06
Modified 2012-08-30
asterisk
gt 10.* lt 10.5.2

asterisk18
gt 1.8.* lt 1.8.13.1

CVE-2012-3812
http://downloads.digium.com/pub/security/AST-2012-010.html
http://downloads.digium.com/pub/security/AST-2012-011.html
https://www.asterisk.org/security
4c53f007-f2ed-11e1-a215-14dae9ebcf89asterisk -- multiple vulnerabilities

Asterisk project reports:

Asterisk Manager User Unauthorized Shell Access

ACL rules ignored when placing outbound calls by certain IAX2 users


Discovery 2012-08-30
Entry 2012-08-30
asterisk
gt 10.* lt 10.7.1

asterisk18
gt 1.8.* lt 1.8.15.1

CVE-2012-2186
CVE-2012-4737
http://downloads.digium.com/pub/security/AST-2012-012.html
http://downloads.digium.com/pub/security/AST-2012-013.html
https://www.asterisk.org/security
5ab9fb2a-23a5-11e0-a835-0003ba02bf30asterisk -- Exploitable Stack Buffer Overflow

The Asterisk Development Team reports:

The releases of Asterisk 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.2, 1.8.1.2, and 1.8.2.1 resolve an issue when forming an outgoing SIP request while in pedantic mode, which can cause a stack buffer to be made to overflow if supplied with carefully crafted caller ID information. The issue and resolution are described in the AST-2011-001 security advisory.


Discovery 2011-01-18
Entry 2011-01-19
asterisk14
gt 1.4.* lt 1.4.39.1

asterisk16
gt 1.6.* lt 1.6.2.16.1

asterisk18
gt 1.8.* lt 1.8.2.2

http://downloads.asterisk.org/pub/security/AST-2011-001.pdf
65d16342-3ec8-11e0-9df7-001c42d23634asterisk -- Exploitable Stack and Heap Array Overflows

The Asterisk Development Team reports:

The releases of Asterisk 1.4.39.2, 1.6.1.22, 1.6.2.16.2, and 1.8.2.4 resolve an issue that when decoding UDPTL packets, multiple heap based arrays can be made to overflow by specially crafted packets. Systems configured for T.38 pass through or termination are vulnerable. The issue and resolution are described in the AST-2011-002 security advisory.


Discovery 2011-02-21
Entry 2011-02-22
asterisk14
gt 1.4.* lt 1.4.39.2

asterisk16
gt 1.6.* lt 1.6.2.16.2

asterisk18
gt 1.8.* lt 1.8.2.4

http://downloads.asterisk.org/pub/security/AST-2011-002.html
http://secunia.com/advisories/43429/
6adf6ce0-44a6-11eb-95b7-001999f8d30basterisk -- Remote crash in res_pjsip_diversion

The Asterisk project reports:

AST-2020-003: A crash can occur in Asterisk when a SIP message is received that has a History-Info header, which contains a tel-uri.

AST-2020-004: A crash can occur in Asterisk when a SIP 181 response is received that has a Diversion header, which contains a tel-uri.


Discovery 2020-12-02
Entry 2020-12-22
asterisk13
lt 13.38.1

asterisk16
lt 16.15.1

asterisk18
lt 18.1.1

https://downloads.asterisk.org/pub/security/AST-2020-003.html
https://downloads.asterisk.org/pub/security/AST-2020-004.html
972fe546-1fb6-11eb-b9d4-001999f8d30basterisk -- Remote crash in res_pjsip_session

The Asterisk project reports:

Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending upon some off nominal circumstances, and timing it was possible for another thread to free said dialog in this gap. Asterisk could then crash when the dialog object, or any of its dependent objects were de-referenced, or accessed next by the initial creation thread.


Discovery 2020-11-05
Entry 2020-11-05
asterisk13
lt 13.37.1

asterisk16
lt 16.14.1

asterisk18
lt 18.0.1

https://downloads.asterisk.org/pub/security/AST-2020-001.html
a95092a6-f8f1-11e0-a7ea-00215c6a37bbasterisk -- remote crash vulnerability in SIP channel driver

Asterisk project reports:

A remote authenticated user can cause a crash with a malformed request due to an unitialized variable.


Discovery 2011-10-17
Entry 2011-10-17
asterisk18
gt 1.8.* lt 1.8.7.1

asterisk
gt 10.0.0.* lt 10.0.0.r1

CVE-2011-4063
bb389137-21fb-11e1-89b4-001ec9578670asterisk -- Multiple Vulnerabilities

Asterisk project reports:

It is possible to enumerate SIP usernames when the general and user/peer NAT settings differ in whether to respond to the port a request is sent from or the port listed for responses in the Via header.

When the "automon" feature is enabled in features.conf, it is possible to send a sequence of SIP requests that cause Asterisk to dereference a NULL pointer and crash.


Discovery 2011-12-08
Entry 2011-12-09
asterisk18
lt 1.8.7.2

asterisk16
lt 1.6.2.21

CVE-2011-4597
CVE-2011-4598
http://downloads.asterisk.org/pub/security/AST-2011-013.html
http://downloads.asterisk.org/pub/security/AST-2011-014.html
bfe9c75e-5028-11e0-b2d2-00215c6a37bbasterisk -- Multiple Vulnerabilities

The Asterisk Development Team reports:

The releases of Asterisk 1.6.1.23, 1.6.2.17.1, and 1.8.3.1 resolve two issues:

  • Resource exhaustion in Asterisk Manager Interface (AST-2011-003)
  • Remote crash vulnerability in TCP/TLS server (AST-2011-004)

The issues and resolutions are described in the AST-2011-003 and AST-2011-004 security advisories.


Discovery 2011-03-01
Entry 2011-03-16
asterisk16
gt 1.6.* lt 1.6.2.17.1

asterisk18
gt 1.8.* lt 1.8.3.1

http://downloads.asterisk.org/pub/security/AST-2011-003.html
http://downloads.asterisk.org/pub/security/AST-2011-004.html
daf0a339-9850-11e2-879e-d43d7e0c7c02asterisk -- multiple vulnerabilities

Asterisk project reports:

Buffer Overflow Exploit Through SIP SDP Header

Username disclosure in SIP channel driver

Denial of Service in HTTP server


Discovery 2013-03-27
Entry 2013-03-29
asterisk11
gt 11.* lt 11.2.2

asterisk10
gt 10.* lt 10.12.2

asterisk18
gt 1.8.* lt 1.8.20.2

CVE-2013-2685
CVE-2013-2686
CVE-2013-2264
http://downloads.asterisk.org/pub/security/AST-2013-001.html
http://downloads.asterisk.org/pub/security/AST-2013-002.html
http://downloads.asterisk.org/pub/security/AST-2013-003.html
https://www.asterisk.org/security
dd698b76-42f7-11e1-a1b6-14dae9ebcf89asterisk -- SRTP Video Remote Crash Vulnerability

Asterisk project reports:

An attacker attempting to negotiate a secure video stream can crash Asterisk if video support has not been enabled and the res_srtp Asterisk module is loaded.


Discovery 2012-01-15
Entry 2012-01-20
Modified 2013-06-19
asterisk18
lt 1.8.8.2

asterisk10
lt 10.0.1

http://downloads.asterisk.org/pub/security/AST-2012-001.html
f109b02f-f5a4-11e3-82e9-00a098b18457asterisk -- multiple vulnerabilities

The Asterisk project reports:

Asterisk Manager User Unauthorized Shell Access. Manager users can execute arbitrary shell commands with the MixMonitor manager action. Asterisk does not require system class authorization for a manager user to use the MixMonitor action, so any manager user who is permitted to use manager commands can potentially execute shell commands as the user executing the Asterisk process.

Exhaustion of Allowed Concurrent HTTP Connections. Establishing a TCP or TLS connection to the configured HTTP or HTTPS port respectively in http.conf and then not sending or completing a HTTP request will tie up a HTTP session. By doing this repeatedly until the maximum number of open HTTP sessions is reached, legitimate requests are blocked.


Discovery 2014-06-12
Entry 2014-06-17
asterisk11
lt 11.10.1

asterisk18
lt 1.8.28.1

CVE-2014-4046
CVE-2014-4047
http://downloads.asterisk.org/pub/security/AST-2014-006.pdf
http://downloads.asterisk.org/pub/security/AST-2014-007.pdf
https://www.asterisk.org/security
f7c87a8a-55d5-11e2-a255-c8600054b392asterisk -- multiple vulnerabilities

Asterisk project reports:

Crashes due to large stack allocations when using TCP

Denial of Service Through Exploitation of Device State Caching


Discovery 2013-01-02
Entry 2013-01-03
asterisk11
gt 11.* lt 11.1.2

asterisk10
gt 10.* lt 10.11.1

asterisk18
gt 1.8.* lt 1.8.19.1

CVE-2012-5976
CVE-2012-5977
http://downloads.digium.com/pub/security/AST-2012-014.html
http://downloads.digium.com/pub/security/AST-2012-015.html
https://www.asterisk.org/security
fd2bf3b5-1001-11e3-ba94-0025905a4771asterisk -- multiple vulnerabilities

The Asterisk project reports:

Remote Crash From Late Arriving SIP ACK With SDP

Remote Crash when Invalid SDP is sent in SIP Request


Discovery 2013-08-27
Entry 2013-08-28
Modified 2013-08-29
asterisk11
gt 11.* lt 11.5.1

asterisk10
gt 10.* lt 10.12.3

asterisk18
gt 1.8.* lt 1.8.21.1

CVE-2013-5641
CVE-2013-5642
http://downloads.asterisk.org/pub/security/AST-2013-004.html
http://downloads.asterisk.org/pub/security/AST-2013-005.html
https://www.asterisk.org/security