![]() ![]() Abuse of this vulnerability may lead to a massive Denial of Service on vulnerable Asterisk servers for calls that rely on DTLS-SRTP. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1 as well as certified-asterisk prior to 18.9-cert6 Asterisk is susceptible to a DoS due to a race condition in the hello handshake phase of the DTLS protocol when handling DTLS-SRTP for media setup. This makes it possible for unauthenticated attackers to place multiple votes on a single poll even when the poll is set to one vote per person.Īsterisk is an open source private branch exchange and telephony toolkit. ![]() This is due to improper restrictions on the add() function. The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |