Lucene search
China National Vulnerability DatabaseCNVD-2023-99030HistoryDec 18, 2023 - 12:00 a.m.
Asterisk Buffer Overflow Vulnerability (CNVD-2023-9903086)
2023-12-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
25
asterisk
buffer overflow
vulnerability
pjsip_header
linux
sip
iax
h323
exploit
Asterisk is a software for PBX systems that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. Asterisk suffers from a buffer overflow vulnerability, which stems from the “update” function of the PJSIP_HEADER dialplan function that may exceed the available buffer space for storing the new value of the header, which can be exploited by an attacker to potentially overwrite memory or cause a crash.
Related
nvd
nvd
CVE-2023-37457
2023-12-14 20:15:52
osv
osv
CVE-2023-37457
2023-12-14 20:15:52
asterisk - security update
2023-12-28 00:00:00
asterisk - security update
2024-01-04 00:00:00
debiancve
debiancve
CVE-2023-37457
2023-12-14 20:15:52
cvelist
cvelist
prion
prion
Design/Logic Flaw
2023-12-14 20:15:00
alpinelinux
alpinelinux
CVE-2023-37457
2023-12-14 20:15:52
veracode
veracode
Buffer Overflow
2024-01-13 17:28:17
ubuntucve
ubuntucve
CVE-2023-37457
2023-12-14 00:00:00
cve
cve
CVE-2023-37457
2023-12-14 20:15:52
openvas
openvas
Asterisk Multiple Vulnerabilities (Dec 2023)
2023-12-15 00:00:00
Debian: Security Advisory (DSA-5596-1)
2024-01-12 00:00:00
Debian: Security Advisory (DLA-3696-1)
2024-01-12 00:00:00
debian
debian
[SECURITY] [DSA 5596-1] asterisk security update
2024-01-04 21:39:15
[SECURITY] [DLA 3696-1] asterisk security update
2023-12-28 23:01:50