vulnerability
FreeBSD: VID-19b052c9-c533-11e7-8da5-001999f8d30b: asterisk -- Buffer overflow in pjproject header parsing can cause crash in Asterisk
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Nov 9, 2017 | Nov 9, 2017 | Dec 10, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Nov 9, 2017
Added
Nov 9, 2017
Modified
Dec 10, 2025
Description
The Asterisk project reports: By carefully crafting invalid values in the Cseq and the Via header port, pjprojects packet parsing code can create strings larger than the buffer allocated to hold them. This will usually cause Asterisk to crash immediately. The packets do not have to be authenticated.
Solutions
freebsd-upgrade-package-asterisk13freebsd-upgrade-package-pjsipfreebsd-upgrade-package-pjsip-extsrtp
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.