Showing 1 - 9 of 9

Files from Alfred Farrugia

Email address	alfred at enablesecurity.com
First Active	2017-05-22
Last Active	2024-10-22

DTLS ClientHello Race Conditions In WebRTC Implementations: Posted Oct 22, 2024; Authored by Sandro Gauci, Alfred Farrugia | Site enablesecurity.com; This white paper, titled "DTLS 'ClientHello' Race Conditions in WebRTC Implementations," details a security vulnerability affecting multiple WebRTC implementations. The research uncovers a security flaw where certain implementations fail to properly verify the origin of DTLS "ClientHello" messages in WebRTC sessions, potentially leading to denial of service attacks. The paper includes methodology, affected systems, and recommendations for mitigation.; tags | paper, denial of service; SHA-256 | eb9b90060957ab9a31665bc8c84c603533eeccd79e0c24bfa578d26e43901509; Download | Favorite | View

Kamailio 5.1.1 / 5.1.0 / 5.0.0 Heap Overflow: Posted Mar 20, 2018; Authored by Sandro Gauci, Alfred Farrugia; Kamailio versions 5.1.1, 5.1.0, and 5.0.0 suffer from an off-by-one heap overflow vulnerability.; tags | exploit, overflow; SHA-256 | b66a979516888fcd02663798f792032a195e6a13fb1ac62c080ec038c284f8d0; Download | Favorite | View

Asterisk 15.2.0 chan_pjsip INVITE Denial Of Service: Posted Feb 26, 2018; Authored by Sandro Gauci, Alfred Farrugia; Asterisk running chan_pjsip suffers from an INVITE message denial of service vulnerability. Versions affected include Versions affected include 15.2.0, 15.1.0, 15.0.0, 13.19.0, 13.11.2, and 14.7.5.; tags | exploit, denial of service; advisories | CVE-2018-7286; SHA-256 | f1253625e46f227de8752682b32d8862adf05b987de5b3ce80dd452d37d33ce3; Download | Favorite | View

Asterisk 15.2.0 chan_pjsip SDP Media Format Denial Of Service: Posted Feb 26, 2018; Authored by Sandro Gauci, Alfred Farrugia; Asterisk running chan_pjsip suffers from an SDP message related denial of service vulnerability. Versions affected include 13.10.0, 15.1.3, 15.1.4, 15.1.5, and 15.2.0.; tags | exploit, denial of service; SHA-256 | dcd272d0bdc191e8821a8ff0875bcb1f860b59d55a4d240aea12f18340ff7f74; Download | Favorite | View

Asterisk 15.2.0 chan_pjsip SDP fmtp Denial Of Service: Posted Feb 26, 2018; Authored by Sandro Gauci, Alfred Farrugia; Asterisk version 15.2.0 running chan_pjsip suffers from an SDP message related denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | bb991ba13071f908ba4e3a364bc5fd50ffb86a758000294812e5c584d0d94d00; Download | Favorite | View

Asterisk 15.2.0 chan_pjsip SUBSCRIBE Stack Corruption: Posted Feb 26, 2018; Authored by Sandro Gauci, Alfred Farrugia; Asterisk running chan_pjsip suffers from a SUBSCRIBE message stack corruption vulnerability. Vulnerable versions include 15.2.0, 13.19.0, 14.7.5, and 13.11.2.; tags | exploit; advisories | CVE-2018-7284; SHA-256 | 7ce6eb5d2b74840cec684d30e389db8a84881dd35088091f86c3e601f3984460; Download | Favorite | View

Asterisk 14.4.0 Skinny Denial Of Service: Posted May 22, 2017; Authored by Sandro Gauci, Alfred Farrugia; Asterisk version 14.4.0 with chan_skinny enabled suffers from a memory exhaustion vulnerability that can lead to a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | f873e04bcb0eecc9597ab97c172b350143d8b4bc7a90a33fabc8192c71a4c519; Download | Favorite | View

Asterisk 14.4.0 PJSIP 2.6 Denial Of Service: Posted May 22, 2017; Authored by Sandro Gauci, Alfred Farrugia; Asterisk version 14.4.0 running chan_pjsip with PJSIP version 2.6 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | 26735dd3956e23cd86d3bfd7f09cf45b7e07e2f91f84b5f91c48da4e3976b767; Download | Favorite | View

Asterisk 14.4.0 PJSIP 2.6 Heap Overflow: Posted May 22, 2017; Authored by Sandro Gauci, Alfred Farrugia; Asterisk version 14.4.0 with PJSIP version 2.6 suffers from a heap overflow vulnerability in CSEQ header parsing.; tags | exploit, overflow; SHA-256 | 96d2411683190b99bf76dad788720f5b886c567643bf4124f892badaecf39a31; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days