FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

asterisk -- DOS Vulnerability in Asterisk chan_skinny

Affected packages
asterisk13 < 13.18.3

Details

VuXML ID e91cf90c-d6dd-11e7-9d10-001999f8d30b
Discovery 2017-11-30
Entry 2017-12-01
Modified 2017-12-13

The Asterisk project reports:

If the chan_skinny (AKA SCCP protocol) channel driver is flooded with certain requests it can cause the asterisk process to use excessive amounts of virtual memory eventually causing asterisk to stop processing requests of any kind.

References

CVE Name CVE-2017-17090
URL https://downloads.asterisk.org/pub/security/AST-2017-013.html