FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 21:13:12 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
2a3bc6ac-e7c6-11e7-a90b-001999f8d30b	asterisk -- Crash in PJSIP resource when missing a contact header The Asterisk project reports: A select set of SIP messages create a dialog in Asterisk. Those SIP messages must contain a contact header. For those messages, if the header was not present and using the PJSIP channel driver, it would cause Asterisk to crash. The severity of this vulnerability is somewhat mitigated if authentication is enabled. If authentication is enabled a user would have to first be authorized before reaching the crash point. Discovery 2017-12-12 Entry 2017-12-23 asterisk13 < 13.18.5 https://downloads.asterisk.org/pub/security/AST-2017-014.html CVE-2017-17850

VuXML ID

Description

2a3bc6ac-e7c6-11e7-a90b-001999f8d30b

asterisk -- Crash in PJSIP resource when missing a contact header

The Asterisk project reports:

A select set of SIP messages create a dialog in Asterisk. Those SIP messages must contain a contact header. For those messages, if the header was not present and using the PJSIP channel driver, it would cause Asterisk to crash. The severity of this vulnerability is somewhat mitigated if authentication is enabled. If authentication is enabled a user would have to first be authorized before reaching the crash point.

Discovery 2017-12-12
Entry 2017-12-23
asterisk13

< 13.18.5

https://downloads.asterisk.org/pub/security/AST-2017-014.html
CVE-2017-17850