CVE-2021-26906

N/A

An issue was discovered in res_pjsip_session.c in Digium Asterisk through 13.38.1; 14.x, 15.x, and 16.x through 16.16.0; 17.x through 17.9.1; and 18.x through 18.2.0, and Certified Asterisk through 16.8-cert5. An SDP negotiation vulnerability in PJSIP allows a remote server to potentially crash Asterisk by sending specific SIP responses that cause an SDP negotiation failure.

N/A

N/A

Digium Asterisk 安全漏洞

Digium Asterisk是美国Digium公司的一套开源电话交换机（PBX）系统软件。该软件支持语音信箱、多方语音会议、交互式语音应答(IVR)等。 Digium Asterisk 中存在安全漏洞。该漏洞源于允许远程服务器通过发送导致SDP协商失败的特定SIP响应来潜在地使Asterisk崩溃。以下产品及版本受到影响：Digium Asterisk 13.38.1 版本, Digium Asterisk 14.x 版本, Digium Asterisk 15.x 版本, Digium Asteris

N/A

N/A