Detections
Analytics
FreeBSD : asterisk -- Remote crash in res_pjsip_diversion (6adf6ce0-44a6-11eb-95b7-001999f8d30b)
high Nessus Plugin ID 144573
Synopsis
The remote FreeBSD host is missing one or more security-related updates.Description
The Asterisk project reports :AST-2020-003: A crash can occur in Asterisk when a SIP message is received that has a History-Info header, which contains a tel-uri.
AST-2020-004: A crash can occur in Asterisk when a SIP 181 response is received that has a Diversion header, which contains a tel-uri.
Solution
Update the affected packages.See Also
https://downloads.asterisk.org/pub/security/AST-2020-004.html
http://www.nessus.org/u?a1e4896a
https://downloads.asterisk.org/pub/security/AST-2020-003.html
Plugin Details
Severity: High
ID: 144573
File Name: freebsd_pkg_6adf6ce044a611eb95b7001999f8d30b.nasl
Version: 1.1
Type: local
Family: FreeBSD Local Security Checks
Published: 12/23/2020
Updated: 12/23/2020
Supported Sensors: Nessus
Vulnerability Information
CPE: p-cpe:/a:freebsd:freebsd:asterisk13, p-cpe:/a:freebsd:freebsd:asterisk16, p-cpe:/a:freebsd:freebsd:asterisk18, cpe:/o:freebsd:freebsd
Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info
Patch Publication Date: 12/22/2020
Vulnerability Publication Date: 12/2/2020