1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
PublicDate: 2007-04-26
Candidate: CVE-2007-2293
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2293
Description:
Multiple stack-based buffer overflows in the process_sdp function in
chan_sip.c of the SIP channel T.38 SDP parser in Asterisk before 1.4.3
allow remote attackers to execute arbitrary code via a long (1)
T38FaxRateManagement or (2) T38FaxUdpEC SDP parameter in an SIP message, as
demonstrated using SIP INVITE.
Ubuntu-Description:
Notes:
Bugs:
dapper_asterisk: not-affected
edgy_asterisk: not-affected
feisty_asterisk: not-affected
devel_asterisk: not-affected
upstream_asterisk:
|