Advisory: ES2020-02 – Asterisk crash due to INVITE flood over TCP

November 7, 2020

Posted by Sandro Gauci on Nov 06

# Asterisk crash due to INVITE flood over TCP

– Fixed versions: 13.37.1, 16.14.1, 17.8.1, 18.0.1
– Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2020-02-asterisk-tcp-invite-crash
– Asterisk Security Advisory: https://downloads.asterisk.org/pub/security/AST-2020-001.html
– Tested vulnerable versions: 17.5.1, 17.6.0
– Timeline:
– Report date: 2020-08-31
– Triaged: 2020-09-01
– Fix provided…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source
Tags: , , , , , , , , ,

You may have missed

HIBP Banner 1

Piping Rock – 2,103,100 breached accounts

April 27, 2024
CISA Logo

CISA: CISA Releases Three Industrial Control Systems Advisories

April 27, 2024
CISA Logo

CISA: CISA and Partners Release Advisory on Akira Ransomware

April 27, 2024
CISA Logo

CISA: CISA Releases Four Industrial Control Systems Advisories

April 27, 2024
CISA Logo

CISA: Cisco Releases Security Advisories for Cisco Integrated Management Controller

April 27, 2024