FreeSwitch security vulnerability in json parser
38 views
Skip to first unread message
Mick Burns
Oct 14, 2015, 6:26:34 PM10/14/15
to 2600hz-users
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7392
Anyone checked exposure to this heap overflow while running the current stable package : FreeSWITCH (Version 1.4.15) ?
I assume anyone having access to your media servers ESL sockets can exploit it.
I noticed 1.4.15 kazoo FS package was released by 2600hz on Sept 29th, the date the CVE was released. Related ?
Anyone checked exposure to this heap overflow while running the current stable package : FreeSWITCH (Version 1.4.15) ?
I assume anyone having access to your media servers ESL sockets can exploit it.
I noticed 1.4.15 kazoo FS package was released by 2600hz on Sept 29th, the date the CVE was released. Related ?
Reply all
Reply to author
Forward
0 new messages