← volver
CVE-2018-7286

CVE-2018-7286

EPSS 39.5%
An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. res_pjsip allows remote authenticated users to crash Asterisk (segmentation fault) by sending a number of SIP INVITE messages on a TCP or TLS connection and then suddenly closing the connection.
Productos afectados
n/a · n/a
PoCs públicas encontradas2
cve_referencewww.exploit-db.com/exploits/44181/no verificadoexploitdbwww.exploit-db.com/exploits/44181no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://downloads.asterisk.org/pub/security/AST-2018-005.htmlhttps://issues.asterisk.org/jira/browse/ASTERISK-27618https://www.debian.org/security/2018/dsa-4320https://www.exploit-db.com/exploits/44181/http://www.securityfocus.com/bid/103129http://www.securitytracker.com/id/1040417