FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c2ea3b31-9d75-11e7-bb13-001999f8d30b	asterisk -- RTP/RTCP information leak The Asterisk project reports: This is a follow up advisory to AST-2017-005. Insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat" and "symmetric_rtp" options allow redirecting where Asterisk sends the next RTCP report. The RTP stream qualification to learn the source address of media always accepted the first RTP packet as the new source and allowed what AST-2017-005 was mitigating. The intent was to qualify a series of packets before accepting the new source address. The RTP/RTCP stack will now validate RTCP packets before processing them. Discovery 2017-09-01 Entry 2017-09-19 asterisk11 < 11.25.3 asterisk13 < 13.17.2 https://downloads.asterisk.org/pub/security/AST-2017-008.html CVE-2017-14099
c599f95c-8ee5-11e7-8be8-001999f8d30b	asterisk -- Unauthorized data disclosure and shell access command injection in app_minivm The Asterisk project reports: AST-2017-005 - A change was made to the strict RTP support in the RTP stack to better tolerate late media when a reinvite occurs. When combined with the symmetric RTP support this introduced an avenue where media could be hijacked. Instead of only learning a new address when expected the new code allowed a new source address to be learned at all times. AST-2017-006 - The app_minivm module has an "externnotify" program configuration option that is executed by the MinivmNotify dialplan application. The application uses the caller-id name and number as part of a built string passed to the OS shell for interpretation and execution. Since the caller-id name and number can come from an untrusted source, a crafted caller-id name or number allows an arbitrary shell command injection. Discovery 2017-08-31 Entry 2017-09-01 asterisk11 < 11.25.2 asterisk13 < 13.17.1 https://downloads.asterisk.org/pub/security/AST-2017-005.html CVE-2017-14099 https://downloads.asterisk.org/pub/security/AST-2017-006.html CVE-2017-14100

VuXML ID

Description

c2ea3b31-9d75-11e7-bb13-001999f8d30b

asterisk -- RTP/RTCP information leak

The Asterisk project reports:

This is a follow up advisory to AST-2017-005.

Insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat" and "symmetric_rtp" options allow redirecting where Asterisk sends the next RTCP report.

The RTP stream qualification to learn the source address of media always accepted the first RTP packet as the new source and allowed what AST-2017-005 was mitigating. The intent was to qualify a series of packets before accepting the new source address.

The RTP/RTCP stack will now validate RTCP packets before processing them.

Discovery 2017-09-01
Entry 2017-09-19
asterisk11

< 11.25.3

asterisk13

< 13.17.2

https://downloads.asterisk.org/pub/security/AST-2017-008.html
CVE-2017-14099

c599f95c-8ee5-11e7-8be8-001999f8d30b

asterisk -- Unauthorized data disclosure and shell access command injection in app_minivm

The Asterisk project reports:

AST-2017-005 - A change was made to the strict RTP support in the RTP stack to better tolerate late media when a reinvite occurs. When combined with the symmetric RTP support this introduced an avenue where media could be hijacked. Instead of only learning a new address when expected the new code allowed a new source address to be learned at all times.

AST-2017-006 - The app_minivm module has an "externnotify" program configuration option that is executed by the MinivmNotify dialplan application. The application uses the caller-id name and number as part of a built string passed to the OS shell for interpretation and execution. Since the caller-id name and number can come from an untrusted source, a crafted caller-id name or number allows an arbitrary shell command injection.

Discovery 2017-08-31
Entry 2017-09-01
asterisk11

< 11.25.2

asterisk13

< 13.17.1

https://downloads.asterisk.org/pub/security/AST-2017-005.html
CVE-2017-14099
https://downloads.asterisk.org/pub/security/AST-2017-006.html
CVE-2017-14100