Test Kennung:	1.3.6.1.4.1.25623.1.0.145419
Kategorie:	Denial of Service
Titel:	Asterisk DoS Vulnerability (AST-2021-004)
Zusammenfassung:	Asterisk is prone to a denial of service vulnerability where an; unsuspecting user could crash Asterisk with multiple hold/unhold requests.
Beschreibung:	Summary: Asterisk is prone to a denial of service vulnerability where an unsuspecting user could crash Asterisk with multiple hold/unhold requests. Vulnerability Insight: Due to a signedness comparison mismatch, an authenticated WebRTC client could cause a stack overflow and Asterisk crash by sending multiple hold/unhold requests in quick succession. Affected Software/OS: Asterisk Open Source 16.16.0, 17.9.1, 18.2.0 and 16.8-cert5. Solution: Update to version 16.16.1, 17.9.2, 18.2.1, 16.8-cert6 or later. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2021-26713 https://downloads.asterisk.org/pub/security/ https://downloads.asterisk.org/pub/security/AST-2021-004.html https://issues.asterisk.org/jira/browse/ASTERISK-29205
Copyright	Copyright (C) 2021 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.