Detections
Analytics

FreeBSD : asterisk -- Remote crash in res_pjsip_diversion (6adf6ce0-44a6-11eb-95b7-001999f8d30b)

high Nessus Plugin ID 144573

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

The Asterisk project reports :

AST-2020-003: A crash can occur in Asterisk when a SIP message is received that has a History-Info header, which contains a tel-uri.

AST-2020-004: A crash can occur in Asterisk when a SIP 181 response is received that has a Diversion header, which contains a tel-uri.

Solution

Update the affected packages.

See Also

https://downloads.asterisk.org/pub/security/AST-2020-003.html

https://downloads.asterisk.org/pub/security/AST-2020-004.html

http://www.nessus.org/u?a1e4896a

Plugin Details

Severity: High

ID: 144573

File Name: freebsd_pkg_6adf6ce044a611eb95b7001999f8d30b.nasl

Version: 1.1

Type: local

Published: 12/23/2020

Updated: 12/23/2020

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:asterisk13, p-cpe:/a:freebsd:freebsd:asterisk16, p-cpe:/a:freebsd:freebsd:asterisk18, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 12/22/2020

Vulnerability Publication Date: 12/2/2020