FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
be0e3817-3bfe-11e9-9cd6-001999f8d30basterisk -- Remote crash vulnerability with SDP protocol violation

The Asterisk project reports:

When Asterisk makes an outgoing call, a very specific SDP protocol violation by the remote party can cause Asterisk to crash.


Discovery 2019-01-24
Entry 2019-03-01
asterisk15
< 15.7.2

asterisk16
< 16.2.1

https://downloads.asterisk.org/pub/security/AST-2019-001.html
CVE-2019-7251
d94c08d2-d079-11e9-8f1a-001999f8d30basterisk -- Crash when negotiating for T.38 with a declined stream

The Asterisk project reports:

When Asterisk sends a re-invite initiating T.38 faxing, and the endpoint responds with a declined media stream a crash will then occur in Asterisk.


Discovery 2019-08-05
Entry 2019-09-06
asterisk15
< 15.7.4

asterisk16
< 16.5.1

https://downloads.asterisk.org/pub/security/AST-2019-004.html
CVE-2019-15297
e9d2e981-a46d-11e9-bed9-001999f8d30basterisk -- Remote Crash Vulnerability in chan_sip channel driver

The Asterisk project reports:

When T.38 faxing is done in Asterisk a T.38 reinvite may be sent to an endpoint to switch it to T.38. If the endpoint responds with an improperly formatted SDP answer including both a T.38 UDPTL stream and an audio or video stream containing only codecs not allowed on the SIP peer or user a crash will occur. The code incorrectly assumes that there will be at least one common codec when T.38 is also in the SDP answer.


Discovery 2019-06-28
Entry 2019-07-12
asterisk13
< 13.27.1

asterisk15
< 15.7.3

asterisk16
< 16.4.1

https://downloads.asterisk.org/pub/security/AST-2019-003.html
CVE-2019-13161
818b2bcb-a46f-11e9-bed9-001999f8d30basterisk -- Remote crash vulnerability with MESSAGE messages

The Asterisk project reports:

A specially crafted SIP in-dialog MESSAGE message can cause Asterisk to crash.


Discovery 2019-06-13
Entry 2019-07-12
asterisk13
< 13.27.1

asterisk15
< 15.7.3

asterisk16
< 16.4.1

https://downloads.asterisk.org/pub/security/AST-2019-002.html
CVE-2019-12827