BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
ES2018-01 Asterisk pjsip subscribe stack corruption Feb 26 2018 04:42PM
Sandro Gauci (sandro enablesecurity com)
# SUBSCRIBE message with a large Accept value causes stack corruption

- Authors:
- Alfred Farrugia <alfred (at) enablesecurity (dot) com [email concealed]>
- Sandro Gauci <sandro (at) enablesecurity (dot) com [email concealed]>
- Latest vulnerable version: Asterisk 15.2.0 running `chan_pjsip`
- Tested vulnerable versions: 15.2.0, 13.19.0, 14.7....

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus