FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a8d94711-0d03-11ea-87ca-001999f8d30basterisk -- SIP request can change address of a SIP peer

The Asterisk project reports:

A SIP request can be sent to Asterisk that can change a SIP peers IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peers name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport.


Discovery 2019-10-17
Entry 2019-11-22
asterisk13
lt 13.29.2

asterisk16
lt 16.6.2

https://downloads.asterisk.org/pub/security/AST-2019-006.html
CVE-2019-18790