2017-12-13 21:29:00 2018-01-02 18:35:57

A Remote Crash issue was discovered in Asterisk Open Source 13.x before 13.18.4, 14.x before 14.7.4, and 15.x before 15.1.4 and Certified Asterisk before 13.13-cert9. Certain compound RTCP packets cause a crash in the RTCP Stack.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
Digium Asterisk 13.0.0 LTS Digium Asterisk 13.0.0 Beta1 (not an official CPE) Digium Asterisk 13.0.0 Beta2 (not an official CPE) Digium Asterisk 13.0.0 Beta3 (not an official CPE) Digium Asterisk 13.0.1 Digium Asterisk 13.0.2 (not an official CPE) Digium Asterisk 13.1.0 Digium Asterisk 13.1.0 release candidate 1 Digium Asterisk 13.1.0 release candidate 2 Digium Asterisk 13.1.1 (not an official CPE) Digium Asterisk 13.2.0 Digium Asterisk 13.2.0 release candidate 1 Digium Asterisk 13.2.1 (not an official CPE) Digium Asterisk 13.3.0 Rc1 (not an official CPE) Digium Asterisk 13.3.2 (not an official CPE) Digium Asterisk 13.4.0 (not an official CPE) Digium Asterisk 13.4.0 Rc1 (not an official CPE) Digium Asterisk 13.5.0 (not an official CPE) Digium Asterisk 13.5.0 Rc1 (not an official CPE) Digium Asterisk 13.6.0 Rc1 (not an official CPE) Digium Asterisk 13.7.0 Rc1 (not an official CPE) Digium Asterisk 13.7.0 Rc2 (not an official CPE) Digium Asterisk 13.7.1 (not an official CPE) Digium Asterisk 13.7.2 (not an official CPE) Digium Asterisk 13.8.0 (not an official CPE) Digium Asterisk 13.8.0 Rc1 (not an official CPE) Digium Asterisk 13.8.1 (not an official CPE) Digium Asterisk 13.8.2 (not an official CPE) Digium Asterisk 13.9.0 (not an official CPE) Digium Asterisk 13.9.1 (not an official CPE) Digium Asterisk 13.10.0 (not an official CPE) Digium Asterisk 13.10.0 Rc1 (not an official CPE) Digium Asterisk 13.11.0 (not an official CPE) Digium Asterisk 13.11.1 (not an official CPE) Digium Asterisk 13.11.2 (not an official CPE) Digium Asterisk 13.12 (not an official CPE) Digium Asterisk 13.12.0 (not an official CPE) Digium Asterisk 13.12.1 (not an official CPE) Digium Asterisk 13.12.2 (not an official CPE) Digium Asterisk 13.13 (not an official CPE) Digium Asterisk 13.13.0 (not an official CPE) Digium Asterisk 14.0.0 (not an official CPE) Digium Asterisk 14.0.0 Beta1 (not an official CPE) Digium Asterisk 14.0.0 Beta2 (not an official CPE) Digium Asterisk 14.0.0 Rc1 (not an official CPE) Digium Asterisk 14.0.0 Rc2 (not an official CPE) Digium Asterisk 14.0.1 (not an official CPE) Digium Asterisk 14.0.2 (not an official CPE) Digium Asterisk 14.01 (not an official CPE) Digium Asterisk 14.1.0 (not an official CPE) Digium Asterisk 14.1.1 (not an official CPE) Digium Asterisk 14.1.2 (not an official CPE) Digium Asterisk 14.02 (not an official CPE) Digium Asterisk 14.2.0 (not an official CPE) Digium Certified asterisk 13.13 (not an official CPE) Digium Certified asterisk 13.13 Cert1 (not an official CPE) Digium Certified asterisk 13.13 Cert1 rc1 (not an official CPE) Digium Certified asterisk 13.13 Cert1 rc2 (not an official CPE) Digium Certified asterisk 13.13 Cert1 rc3 (not an official CPE) Digium Certified asterisk 13.13 Cert1 rc4 (not an official CPE) Digium Certified asterisk 13.13 Cert2 (not an official CPE) Digium Certified asterisk 13.13 Cert3 (not an official CPE) Digium Certified asterisk 13.13 Cert4 (not an official CPE) Digium Certified asterisk 13.13 Cert5 (not an official CPE) Digium Certified asterisk 13.13 Cert6 (not an official CPE) Digium Certified asterisk 13.13 Cert7 (not an official CPE) Digium Certified asterisk 13.13 Cert8 (not an official CPE)