FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a8d94711-0d03-11ea-87ca-001999f8d30b	asterisk -- SIP request can change address of a SIP peer The Asterisk project reports: A SIP request can be sent to Asterisk that can change a SIP peers IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peers name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport. Discovery 2019-10-17 Entry 2019-11-22 asterisk13 lt 13.29.2 asterisk16 lt 16.6.2 https://downloads.asterisk.org/pub/security/AST-2019-006.html CVE-2019-18790

VuXML ID

Description

a8d94711-0d03-11ea-87ca-001999f8d30b

asterisk -- SIP request can change address of a SIP peer

The Asterisk project reports:

A SIP request can be sent to Asterisk that can change a SIP peers IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peers name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport.

Discovery 2019-10-17
Entry 2019-11-22
asterisk13

lt 13.29.2

asterisk16

lt 16.6.2

https://downloads.asterisk.org/pub/security/AST-2019-006.html
CVE-2019-18790