Lucene search
MitreCVELIST:CVE-2014-2288HistoryApr 18, 2014 - 7:00 p.m.
CVE-2014-2288
2014-04-1819:00:00
mitre
www.cve.org
1
The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, when qualify_frequency “is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS request,” allows remote attackers to cause a denial of service (crash) via a PJSIP endpoint that does not have an associated outgoing request.
References
downloads.asterisk.org/pub/security/AST-2014-003-12.diff
downloads.asterisk.org/pub/security/AST-2014-003.html
lists.fedoraproject.org/pipermail/package-announce/2014-March/130400.html
lists.fedoraproject.org/pipermail/package-announce/2014-March/130426.html
issues.asterisk.org/jira/browse/ASTERISK-23210
Related
cve
cve
CVE-2014-2288
2014-04-18 22:14:38
securityvulns
securityvulns
AST-2014-003: Remote Crash Vulnerability in PJSIP channel driver
2014-03-13 00:00:00
Asterisk multiple security vulnerabilities
2014-03-13 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-04-18 22:14:00
nvd
nvd
CVE-2014-2288
2014-04-18 22:14:38
nessus
nessus
Asterisk PJSIP Channel Driver Options DoS (AST-2014-003)
2014-03-14 00:00:00
FreeBSD : asterisk -- multiple vulnerabilities (03159886-a8a3-11e3-8f36-0025905a4771)
2014-03-12 00:00:00
Fedora 19 : asterisk-11.8.1-1.fc19 (2014-3779)
2014-03-22 00:00:00
ubuntucve
ubuntucve
CVE-2014-2288
2014-04-18 00:00:00
debiancve
debiancve
CVE-2014-2288
2014-04-18 22:14:38
freebsd
freebsd
asterisk -- multiple vulnerabilities
2014-03-10 00:00:00
gentoo
gentoo
Asterisk: Denial of service
2014-05-03 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201405-05
2015-09-29 00:00:00