[asterisk-bugs] [JIRA] (ASTERISK-27640) SUBSCRIBE message with a large Accept value causes stack corruption
Kevin Harwell (JIRA)
noreply at issues.asterisk.org
Mon Apr 1 13:21:52 CDT 2019
[ https://issues.asterisk.org/jira/browse/ASTERISK-27640?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Harwell updated ASTERISK-27640:
-------------------------------------
Target Release Version/s: 16.3.0
> SUBSCRIBE message with a large Accept value causes stack corruption
> -------------------------------------------------------------------
>
> Key: ASTERISK-27640
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-27640
> Project: Asterisk
> Issue Type: Security
> Components: Channels/chan_pjsip
> Affects Versions: 15.2.0
> Reporter: Sandro Gauci
> Assignee: Unassigned
> Severity: Blocker
> Labels: patch, security
> Target Release: 13.19.2, 13.20.0, 14.7.6, 15.2.2, 15.3.0, 16.0.0, 16.3.0
>
> Attachments: advisory.md, ASTERISK-27640.diff, extensions.conf, pjsip.conf
>
>
> A large SUBSCRIBE message with multiple malformed `Accept` headers will crash Asterisk due to stack corruption. Please see advisory.md for full details and script to reproduce the issue.
> Configuration files are attached too.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list