Test Kennung:	1.3.6.1.4.1.25623.1.0.145527
Kategorie:	Denial of Service
Titel:	Asterisk DoS Vulnerability (AST-2021-006)
Zusammenfassung:	Asterisk is prone to a denial of service vulnerability when; negotiating T.38 with a zero port.
Beschreibung:	Summary: Asterisk is prone to a denial of service vulnerability when negotiating T.38 with a zero port. Vulnerability Insight: When Asterisk sends a re-invite initiating T.38 faxing and the endpoint responds with a m=image line and zero port, a crash will occur in Asterisk. This is a re-occurrence of AST-2019-004. Affected Software/OS: Asterisk Open Source 16.x, 17.x, 18.x and 16.x Certified Asterisk. Solution: Update to version 16.16.2, 17.9.3, 18.2.2, 16.8-cert7 or later. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-15297 http://seclists.org/fulldisclosure/2021/Mar/5 http://packetstormsecurity.com/files/154371/Asterisk-Project-Security-Advisory-AST-2019-004.html http://packetstormsecurity.com/files/161671/Asterisk-Project-Security-Advisory-AST-2021-006.html Common Vulnerability Exposure (CVE) ID: CVE-2021-46837 Debian Security Information: DSA-5285 (Google Search) https://www.debian.org/security/2022/dsa-5285 https://downloads.asterisk.org/pub/security/AST-2021-006.html https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html
Copyright	Copyright (C) 2021 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.