FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-22 18:21:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
29b7f0be-1fb7-11eb-b9d4-001999f8d30b	asterisk -- Outbound INVITE loop on challenge with different nonce The Asterisk project reports: If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound authentication must be configured on the endpoint for this to occur. Discovery 2020-11-05 Entry 2020-11-05 asterisk13 < 13.37.1 asterisk16 < 16.14.1 asterisk18 < 18.0.1 https://downloads.asterisk.org/pub/security/AST-2020-002.html

VuXML ID

Description

29b7f0be-1fb7-11eb-b9d4-001999f8d30b

asterisk -- Outbound INVITE loop on challenge with different nonce

The Asterisk project reports:

If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound authentication must be configured on the endpoint for this to occur.

Discovery 2020-11-05
Entry 2020-11-05
asterisk13

< 13.37.1

asterisk16

< 16.14.1

asterisk18

< 18.0.1

https://downloads.asterisk.org/pub/security/AST-2020-002.html