Remote Crash Vulnerability in Asterisk Open Source 13.x, 14.x, 15.x, and Certified Asterisk 13.13-cert9

Remote Crash Vulnerability in Asterisk Open Source 13.x, 14.x, 15.x, and Certified Asterisk 13.13-cert9

CVE-2017-17664 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

A Remote Crash issue was discovered in Asterisk Open Source 13.x before 13.18.4, 14.x before 14.7.4, and 15.x before 15.1.4 and Certified Asterisk before 13.13-cert9. Certain compound RTCP packets cause a crash in the RTCP Stack.

Learn more about our Open Source Audit.