vulnerability
FreeBSD: VID-BE0E3817-3BFE-11E9-9CD6-001999F8D30B (CVE-2019-7251): asterisk -- Remote crash vulnerability with SDP protocol violation
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:N/A:P) | Jan 24, 2019 | Mar 1, 2019 | May 7, 2019 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:P)
Published
Jan 24, 2019
Added
Mar 1, 2019
Modified
May 7, 2019
Description
An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation.
Solution(s)
freebsd-upgrade-package-asterisk15freebsd-upgrade-package-asterisk16
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.