Lucene search
Veracode Vulnerability DatabaseVERACODE:34969HistoryApr 05, 2022 - 6:59 a.m.
Denial Of Service (DoS)
2022-04-0506:59:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.062 Low
EPSS
Percentile
93.6%
Sangoma Asterisk is vulnerable to denial of service. The vulnerability exists because it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP resulting an application crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| asterisk:stretch | eq | 1:13.14.1~dfsg-2+deb9u4 | |
| asterisk:stretch | eq | 1:13.14.1~dfsg-2+deb9u4 |
References
downloads.asterisk.org/pub/security/AST-2019-008.html
lists.debian.org/debian-lts-announce/2022/04/msg00001.html
packetstormsecurity.com/files/155436/Asterisk-Project-Security-Advisory-AST-2019-008.html
seclists.org/fulldisclosure/2019/Nov/20
security-tracker.debian.org/tracker/CVE-2019-18976
www.asterisk.org/downloads/security-advisories
www.cybersecurity-help.cz/vdb/SB2019112218?affChecked=1
Related
symantec
symantec
Asterisk Open Source CVE-2019-18976 Denial of Service Vulnerability
2019-11-21 00:00:00
openvas
openvas
Asterisk DoS Vulnerability (AST-2019-008)
2019-11-22 00:00:00
Debian: Security Advisory (DLA-2969-1)
2022-04-04 00:00:00
freebsd
freebsd
asterisk -- Re-invite with T.38 and malformed SDP causes crash
2019-11-07 00:00:00
nessus
nessus
cve
cve
CVE-2019-18976
2019-11-22 17:15:11
cvelist
cvelist
CVE-2019-18976
2019-11-22 16:59:19
prion
prion
Null pointer dereference
2019-11-22 17:15:00
nvd
nvd
CVE-2019-18976
2019-11-22 17:15:11
debiancve
debiancve
CVE-2019-18976
2019-11-22 17:15:11
osv
osv
CVE-2019-18976
2019-11-22 17:15:11
asterisk - security update
2022-04-03 00:00:00
ubuntucve
ubuntucve
CVE-2019-18976
2019-11-22 00:00:00
debian
debian
[SECURITY] [DLA 2969-1] asterisk security update
2022-04-03 05:56:53