VYPR
Unrated severityOSV Advisory· Published Nov 14, 2018· Updated Sep 16, 2024

CVE-2018-19278

CVE-2018-19278

Description

Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed length.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Digium/AsteriskOSV2 versions
    15.0.0, 15.0.0-beta1, 15.0.0-rc1, …+ 1 more
    • (no CPE)range: 15.0.0, 15.0.0-beta1, 15.0.0-rc1, …
    • (no CPE)range: <15.6.2, <16.0.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.