Buffer Overflow in DNS SRV and NAPTR Lookups in Digium Asterisk 15.x and 16.x before 15.6.2 and 16.0.1

Buffer Overflow in DNS SRV and NAPTR Lookups in Digium Asterisk 15.x and 16.x before 15.6.2 and 16.0.1

CVE-2018-19278 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed length.

Learn more about our Web Application Penetration Testing UK.