VDB

GCVE-110-MAGEIA-2016-344

GCVE-110-MAGEIA-2016-344
Advisory Published
Vulnetix · Advisory published October 18, 2016
The overlap dialing feature in chan_sip allows chan_sip to report to a device that the number that has been dialed is incomplete and more digits are required. If this functionality is used with a device that has performed username/password authentication RTP resources are leaked. This occurs because the code fails to release the old RTP resources before allocating new ones in this scenario. If all resources are used then RTP port exhaustion will occur and no RTP sessions are able to be set up (AST-2016-007).

Affected Products

VendorProductVersionsPlatforms
Mageiaasterisk0 (affected), 11.23.1-1.mga5 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›