vulnerability
Debian: CVE-2017-17090: asterisk -- security update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Dec 1, 2017 | Dec 31, 2017 | Nov 27, 2024 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Dec 1, 2017
Added
Dec 31, 2017
Modified
Nov 27, 2024
Description
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. If the chan_skinny (aka SCCP protocol) channel driver is flooded with certain requests, it can cause the asterisk process to use excessive amounts of virtual memory, eventually causing asterisk to stop processing requests of any kind.
Solution
debian-upgrade-asterisk

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.