Denial of Service Vulnerability in Asterisk Open Source 12.x

Denial of Service Vulnerability in Asterisk Open Source 12.x

CVE-2014-6609 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.

Learn more about our Open Source Audit.