Vulnerabilites related to asterisk - open_source
CVE-2013-2264 (GCVE-0-2013-2264)
Vulnerability from cvelistv5
Published
2013-03-29 18:00
Modified
2024-09-16 17:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x before C.3.8.1; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones exhibits different behavior for invalid INVITE, SUBSCRIBE, and REGISTER transactions depending on whether the user account exists, which allows remote attackers to enumerate account names by (1) reading HTTP status codes, (2) reading additional text in a 403 (aka Forbidden) response, or (3) observing whether certain retransmissions occur.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.188Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2013-003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-21013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x before C.3.8.1; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones exhibits different behavior for invalid INVITE, SUBSCRIBE, and REGISTER transactions depending on whether the user account exists, which allows remote attackers to enumerate account names by (1) reading HTTP status codes, (2) reading additional text in a 403 (aka Forbidden) response, or (3) observing whether certain retransmissions occur."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-29T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2013-003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-21013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2264",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x before C.3.8.1; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones exhibits different behavior for invalid INVITE, SUBSCRIBE, and REGISTER transactions depending on whether the user account exists, which allows remote attackers to enumerate account names by (1) reading HTTP status codes, (2) reading additional text in a 403 (aka Forbidden) response, or (3) observing whether certain retransmissions occur."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://downloads.asterisk.org/pub/security/AST-2013-003.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2013-003.html"
},
{
"name": "https://issues.asterisk.org/jira/browse/ASTERISK-21013",
"refsource": "CONFIRM",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-21013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2264",
"datePublished": "2013-03-29T18:00:00Z",
"dateReserved": "2013-02-20T00:00:00Z",
"dateUpdated": "2024-09-16T17:38:10.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1333 (GCVE-0-2008-1333)
Vulnerability from cvelistv5
Published
2008-03-20 00:00
Modified
2024-08-07 08:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by (1) the ast_verbose logging API call, or (2) the astman_append function.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "asterisk-astverbose-dos(41301)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41301"
},
{
"name": "20080318 AST-2008-004: Format String Vulnerability in Logger and Manager",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489823/100/0/threaded"
},
{
"name": "1019630",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019630"
},
{
"name": "28311",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28311"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-004.html"
},
{
"name": "DSA-1525",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"name": "29426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29426"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.asterisk.org/node/48466"
},
{
"name": "ADV-2008-0928",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"name": "29456",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29456"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by (1) the ast_verbose logging API call, or (2) the astman_append function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "asterisk-astverbose-dos(41301)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41301"
},
{
"name": "20080318 AST-2008-004: Format String Vulnerability in Logger and Manager",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489823/100/0/threaded"
},
{
"name": "1019630",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019630"
},
{
"name": "28311",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28311"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-004.html"
},
{
"name": "DSA-1525",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"name": "29426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29426"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.asterisk.org/node/48466"
},
{
"name": "ADV-2008-0928",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"name": "29456",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29456"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1333",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by (1) the ast_verbose logging API call, or (2) the astman_append function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "asterisk-astverbose-dos(41301)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41301"
},
{
"name": "20080318 AST-2008-004: Format String Vulnerability in Logger and Manager",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489823/100/0/threaded"
},
{
"name": "1019630",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019630"
},
{
"name": "28311",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28311"
},
{
"name": "http://downloads.digium.com/pub/security/AST-2008-004.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/security/AST-2008-004.html"
},
{
"name": "DSA-1525",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"name": "29426",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29426"
},
{
"name": "http://www.asterisk.org/node/48466",
"refsource": "CONFIRM",
"url": "http://www.asterisk.org/node/48466"
},
{
"name": "ADV-2008-0928",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"name": "29456",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29456"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1333",
"datePublished": "2008-03-20T00:00:00",
"dateReserved": "2008-03-13T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2686 (GCVE-0-2013-2686)
Vulnerability from cvelistv5
Published
2013-03-29 18:00
Modified
2024-09-16 22:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which allows remote attackers to conduct stack-consumption attacks and cause a denial of service (daemon crash) via a crafted HTTP POST request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-5976.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:33.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-20967"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://telussecuritylabs.com/threats/show/TSL20130327-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2013-002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which allows remote attackers to conduct stack-consumption attacks and cause a denial of service (daemon crash) via a crafted HTTP POST request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-5976."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-29T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-20967"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://telussecuritylabs.com/threats/show/TSL20130327-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2013-002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2686",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which allows remote attackers to conduct stack-consumption attacks and cause a denial of service (daemon crash) via a crafted HTTP POST request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-5976."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://issues.asterisk.org/jira/browse/ASTERISK-20967",
"refsource": "CONFIRM",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-20967"
},
{
"name": "http://telussecuritylabs.com/threats/show/TSL20130327-01",
"refsource": "MISC",
"url": "http://telussecuritylabs.com/threats/show/TSL20130327-01"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2013-002.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2013-002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2686",
"datePublished": "2013-03-29T18:00:00Z",
"dateReserved": "2013-03-25T00:00:00Z",
"dateUpdated": "2024-09-16T22:35:02.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0885 (GCVE-0-2012-0885)
Vulnerability from cvelistv5
Published
2012-01-25 15:00
Modified
2024-09-16 23:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.882Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001-10.diff"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-19202"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001-1.8.diff"
},
{
"name": "[oss-security] 20120120 CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/16"
},
{
"name": "[oss-security] 20120120 Re: CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/18"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.asterisk.org/jira/secure/attachment/42202/issueA19202_crypto_if_uninited_text_or_video.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=783487"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-01-25T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001-10.diff"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-19202"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001-1.8.diff"
},
{
"name": "[oss-security] 20120120 CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/16"
},
{
"name": "[oss-security] 20120120 Re: CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/18"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.asterisk.org/jira/secure/attachment/42202/issueA19202_crypto_if_uninited_text_or_video.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=783487"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0885",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://downloads.asterisk.org/pub/security/AST-2012-001-10.diff",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001-10.diff"
},
{
"name": "https://issues.asterisk.org/jira/browse/ASTERISK-19202",
"refsource": "CONFIRM",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-19202"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2012-001-1.8.diff",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001-1.8.diff"
},
{
"name": "[oss-security] 20120120 CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/16"
},
{
"name": "[oss-security] 20120120 Re: CVE Request -- Asterisk AST-2012-001 / Remote DoS while processing crypto line for media stream with non-existing RTP",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/18"
},
{
"name": "https://issues.asterisk.org/jira/secure/attachment/42202/issueA19202_crypto_if_uninited_text_or_video.patch",
"refsource": "CONFIRM",
"url": "https://issues.asterisk.org/jira/secure/attachment/42202/issueA19202_crypto_if_uninited_text_or_video.patch"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=783487",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=783487"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2012-001.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-0885",
"datePublished": "2012-01-25T15:00:00Z",
"dateReserved": "2012-01-19T00:00:00Z",
"dateUpdated": "2024-09-16T23:41:35.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2186 (GCVE-0-2012-2186)
Vulnerability from cvelistv5
Published
2012-08-31 14:00
Modified
2024-08-06 19:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:08.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "50687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50687"
},
{
"name": "50756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50756"
},
{
"name": "DSA-2550",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2550"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-012.html"
},
{
"name": "1027460",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027460"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-10-31T09:00:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "50687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50687"
},
{
"name": "50756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50756"
},
{
"name": "DSA-2550",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2550"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-012.html"
},
{
"name": "1027460",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027460"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-2186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "50687",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50687"
},
{
"name": "50756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50756"
},
{
"name": "DSA-2550",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2550"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2012-012.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-012.html"
},
{
"name": "1027460",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027460"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2012-2186",
"datePublished": "2012-08-31T14:00:00",
"dateReserved": "2012-04-04T00:00:00",
"dateUpdated": "2024-08-06T19:26:08.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4063 (GCVE-0-2011-4063)
Vulnerability from cvelistv5
Published
2011-10-21 10:00
Modified
2024-08-06 23:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:53:32.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1026191",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026191"
},
{
"name": "8478",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8478"
},
{
"name": "46420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46420"
},
{
"name": "20111017 AST-2011-012: Remote crash vulnerability in SIP channel driver",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520141/100/0/threaded"
},
{
"name": "50177",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50177"
},
{
"name": "asterisk-sip-channel-driver-dos(70706)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70706"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.digium.com/pub/security/AST-2011-012.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1026191",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026191"
},
{
"name": "8478",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8478"
},
{
"name": "46420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46420"
},
{
"name": "20111017 AST-2011-012: Remote crash vulnerability in SIP channel driver",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520141/100/0/threaded"
},
{
"name": "50177",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50177"
},
{
"name": "asterisk-sip-channel-driver-dos(70706)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70706"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.digium.com/pub/security/AST-2011-012.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1026191",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026191"
},
{
"name": "8478",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8478"
},
{
"name": "46420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46420"
},
{
"name": "20111017 AST-2011-012: Remote crash vulnerability in SIP channel driver",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520141/100/0/threaded"
},
{
"name": "50177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50177"
},
{
"name": "asterisk-sip-channel-driver-dos(70706)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70706"
},
{
"name": "http://downloads.digium.com/pub/security/AST-2011-012.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/security/AST-2011-012.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4063",
"datePublished": "2011-10-21T10:00:00",
"dateReserved": "2011-10-15T00:00:00",
"dateUpdated": "2024-08-06T23:53:32.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2119 (GCVE-0-2008-2119)
Vulnerability from cvelistv5
Published
2008-06-04 19:17
Modified
2024-08-07 08:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing (aka pedanticsipchecking) is enabled, allows remote attackers to cause a denial of service (daemon crash) via a SIP INVITE message that lacks a From header, related to invocations of the ast_uri_decode function, and improper handling of (1) an empty const string and (2) a NULL pointer.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:58.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200905-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "30517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30517"
},
{
"name": "5749",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5749"
},
{
"name": "asterisk-asturidecode-dos(42823)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42823"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.digium.com/view.php?id=12607"
},
{
"name": "1020166",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020166"
},
{
"name": "20080603 AST-2008-008: Remote Crash Vulnerability in SIP channel driver when run in pedantic mode",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/493020/100/0/threaded"
},
{
"name": "ADV-2008-1731",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1731"
},
{
"name": "34982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34982"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.digium.com/view/asterisk?view=rev\u0026revision=120109"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-008.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing (aka pedanticsipchecking) is enabled, allows remote attackers to cause a denial of service (daemon crash) via a SIP INVITE message that lacks a From header, related to invocations of the ast_uri_decode function, and improper handling of (1) an empty const string and (2) a NULL pointer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200905-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "30517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30517"
},
{
"name": "5749",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5749"
},
{
"name": "asterisk-asturidecode-dos(42823)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42823"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.digium.com/view.php?id=12607"
},
{
"name": "1020166",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020166"
},
{
"name": "20080603 AST-2008-008: Remote Crash Vulnerability in SIP channel driver when run in pedantic mode",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/493020/100/0/threaded"
},
{
"name": "ADV-2008-1731",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1731"
},
{
"name": "34982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34982"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.digium.com/view/asterisk?view=rev\u0026revision=120109"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-008.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing (aka pedanticsipchecking) is enabled, allows remote attackers to cause a denial of service (daemon crash) via a SIP INVITE message that lacks a From header, related to invocations of the ast_uri_decode function, and improper handling of (1) an empty const string and (2) a NULL pointer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200905-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "30517",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30517"
},
{
"name": "5749",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5749"
},
{
"name": "asterisk-asturidecode-dos(42823)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42823"
},
{
"name": "http://bugs.digium.com/view.php?id=12607",
"refsource": "CONFIRM",
"url": "http://bugs.digium.com/view.php?id=12607"
},
{
"name": "1020166",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020166"
},
{
"name": "20080603 AST-2008-008: Remote Crash Vulnerability in SIP channel driver when run in pedantic mode",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493020/100/0/threaded"
},
{
"name": "ADV-2008-1731",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1731"
},
{
"name": "34982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34982"
},
{
"name": "http://svn.digium.com/view/asterisk?view=rev\u0026revision=120109",
"refsource": "CONFIRM",
"url": "http://svn.digium.com/view/asterisk?view=rev\u0026revision=120109"
},
{
"name": "http://downloads.digium.com/pub/security/AST-2008-008.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/security/AST-2008-008.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2119",
"datePublished": "2008-06-04T19:17:00",
"dateReserved": "2008-05-08T00:00:00",
"dateUpdated": "2024-08-07T08:49:58.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2414 (GCVE-0-2012-2414)
Vulnerability from cvelistv5
Published
2012-04-30 20:00
Modified
2024-08-06 19:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to execute arbitrary commands via (1) the originate action in the MixMonitor application, (2) the SHELL and EVAL functions in the GetVar manager action, or (3) the SHELL and EVAL functions in the Status manager action.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:25.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-2460",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2460"
},
{
"name": "81454",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81454"
},
{
"name": "1026961",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026961"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-004.html"
},
{
"name": "48941",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48941"
},
{
"name": "53206",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53206"
},
{
"name": "asterisk-originate-command-exec(75100)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75100"
},
{
"name": "FEDORA-2012-6724",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"name": "48891",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48891"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to execute arbitrary commands via (1) the originate action in the MixMonitor application, (2) the SHELL and EVAL functions in the GetVar manager action, or (3) the SHELL and EVAL functions in the Status manager action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-13T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-2460",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2460"
},
{
"name": "81454",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81454"
},
{
"name": "1026961",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026961"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-004.html"
},
{
"name": "48941",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48941"
},
{
"name": "53206",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53206"
},
{
"name": "asterisk-originate-command-exec(75100)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75100"
},
{
"name": "FEDORA-2012-6724",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"name": "48891",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48891"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to execute arbitrary commands via (1) the originate action in the MixMonitor application, (2) the SHELL and EVAL functions in the GetVar manager action, or (3) the SHELL and EVAL functions in the Status manager action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-2460",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2460"
},
{
"name": "81454",
"refsource": "OSVDB",
"url": "http://osvdb.org/81454"
},
{
"name": "1026961",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026961"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2012-004.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-004.html"
},
{
"name": "48941",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48941"
},
{
"name": "53206",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53206"
},
{
"name": "asterisk-originate-command-exec(75100)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75100"
},
{
"name": "FEDORA-2012-6724",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"name": "48891",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48891"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2414",
"datePublished": "2012-04-30T20:00:00",
"dateReserved": "2012-04-23T00:00:00",
"dateUpdated": "2024-08-06T19:34:25.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1923 (GCVE-0-2008-1923)
Vulnerability from cvelistv5
Published
2008-04-23 16:00
Modified
2024-08-07 08:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72630 and 1.4 before revision 65679, when configured to allow unauthenticated calls, sends "early audio" to an unverified source IP address of a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed NEW message.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:41:00.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "asterisk-new-dos(42049)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42049"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.digium.com/view.php?id=10078"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.altsci.com/concepts/page.php?s=asteri\u0026p=1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72630 and 1.4 before revision 65679, when configured to allow unauthenticated calls, sends \"early audio\" to an unverified source IP address of a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed NEW message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "asterisk-new-dos(42049)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42049"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.digium.com/view.php?id=10078"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.altsci.com/concepts/page.php?s=asteri\u0026p=1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72630 and 1.4 before revision 65679, when configured to allow unauthenticated calls, sends \"early audio\" to an unverified source IP address of a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed NEW message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "asterisk-new-dos(42049)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42049"
},
{
"name": "http://downloads.digium.com/pub/security/AST-2008-006.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/security/AST-2008-006.html"
},
{
"name": "http://bugs.digium.com/view.php?id=10078",
"refsource": "CONFIRM",
"url": "http://bugs.digium.com/view.php?id=10078"
},
{
"name": "http://www.altsci.com/concepts/page.php?s=asteri\u0026p=1",
"refsource": "MISC",
"url": "http://www.altsci.com/concepts/page.php?s=asteri\u0026p=1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1923",
"datePublished": "2008-04-23T16:00:00",
"dateReserved": "2008-04-23T00:00:00",
"dateUpdated": "2024-08-07T08:41:00.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2346 (GCVE-0-2009-2346)
Vulnerability from cvelistv5
Published
2009-09-08 18:00
Modified
2024-08-07 05:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IAX2 protocol implementation in Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and s800i 1.3.x before 1.3.0.3 allows remote attackers to cause a denial of service (call-number exhaustion) by initiating many IAX2 message exchanges, a related issue to CVE-2008-3263.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:44:55.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1022819",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022819"
},
{
"name": "20090903 AST-2009-006: IAX2 Call Number Resource Exhaustion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/506257/100/0/threaded"
},
{
"name": "36593",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36593"
},
{
"name": "36275",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36275"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2009-006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IAX2 protocol implementation in Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and s800i 1.3.x before 1.3.0.3 allows remote attackers to cause a denial of service (call-number exhaustion) by initiating many IAX2 message exchanges, a related issue to CVE-2008-3263."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1022819",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022819"
},
{
"name": "20090903 AST-2009-006: IAX2 Call Number Resource Exhaustion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/506257/100/0/threaded"
},
{
"name": "36593",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36593"
},
{
"name": "36275",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36275"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2009-006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IAX2 protocol implementation in Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and s800i 1.3.x before 1.3.0.3 allows remote attackers to cause a denial of service (call-number exhaustion) by initiating many IAX2 message exchanges, a related issue to CVE-2008-3263."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1022819",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022819"
},
{
"name": "20090903 AST-2009-006: IAX2 Call Number Resource Exhaustion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/506257/100/0/threaded"
},
{
"name": "36593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36593"
},
{
"name": "36275",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36275"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2009-006.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2009-006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2346",
"datePublished": "2009-09-08T18:00:00",
"dateReserved": "2009-07-07T00:00:00",
"dateUpdated": "2024-08-07T05:44:55.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0095 (GCVE-0-2008-0095)
Vulnerability from cvelistv5
Published
2008-01-08 02:00
Modified
2024-08-07 07:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:23.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27110",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27110"
},
{
"name": "FEDORA-2008-0199",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00167.html"
},
{
"name": "ADV-2008-0019",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0019"
},
{
"name": "20080102 AST-2008-001: Crash from transfer using BYE with Also header",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/485727/100/0/threaded"
},
{
"name": "asterisk-bye-also-dos(39361)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39361"
},
{
"name": "3520",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3520"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.digium.com/view.php?id=11637"
},
{
"name": "28312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28312"
},
{
"name": "1019152",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019152"
},
{
"name": "FEDORA-2008-0198",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-001.html"
},
{
"name": "28299",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28299"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27110",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27110"
},
{
"name": "FEDORA-2008-0199",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00167.html"
},
{
"name": "ADV-2008-0019",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0019"
},
{
"name": "20080102 AST-2008-001: Crash from transfer using BYE with Also header",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/485727/100/0/threaded"
},
{
"name": "asterisk-bye-also-dos(39361)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39361"
},
{
"name": "3520",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3520"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.digium.com/view.php?id=11637"
},
{
"name": "28312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28312"
},
{
"name": "1019152",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019152"
},
{
"name": "FEDORA-2008-0198",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-001.html"
},
{
"name": "28299",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28299"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27110",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27110"
},
{
"name": "FEDORA-2008-0199",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00167.html"
},
{
"name": "ADV-2008-0019",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0019"
},
{
"name": "20080102 AST-2008-001: Crash from transfer using BYE with Also header",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485727/100/0/threaded"
},
{
"name": "asterisk-bye-also-dos(39361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39361"
},
{
"name": "3520",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3520"
},
{
"name": "http://bugs.digium.com/view.php?id=11637",
"refsource": "MISC",
"url": "http://bugs.digium.com/view.php?id=11637"
},
{
"name": "28312",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28312"
},
{
"name": "1019152",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019152"
},
{
"name": "FEDORA-2008-0198",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.html"
},
{
"name": "http://downloads.digium.com/pub/security/AST-2008-001.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/security/AST-2008-001.html"
},
{
"name": "28299",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28299"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0095",
"datePublished": "2008-01-08T02:00:00",
"dateReserved": "2008-01-07T00:00:00",
"dateUpdated": "2024-08-07T07:32:23.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6430 (GCVE-0-2007-6430)
Vulnerability from cvelistv5
Published
2007-12-20 02:00
Modified
2024-08-07 16:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations ("realtime") and host-based authentication, does not check the IP address when the username is correct and there is no password, which allows remote attackers to bypass authentication using a valid username.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:02:36.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28149",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28149"
},
{
"name": "29782",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29782"
},
{
"name": "GLSA-200804-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-13.xml"
},
{
"name": "29242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29242"
},
{
"name": "20071218 AST-2007-027 - Database matching order permits host-based authentication to be ignored",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/485287/100/0/threaded"
},
{
"name": "SUSE-SR:2008:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"name": "ADV-2007-4260",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4260"
},
{
"name": "DSA-1525",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"name": "3467",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3467"
},
{
"name": "39519",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/39519"
},
{
"name": "1019110",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019110"
},
{
"name": "asterisk-registration-security-bypass(39124)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39124"
},
{
"name": "29456",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29456"
},
{
"name": "26928",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26928"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.digium.com/pub/security/AST-2007-027.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations (\"realtime\") and host-based authentication, does not check the IP address when the username is correct and there is no password, which allows remote attackers to bypass authentication using a valid username."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28149",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28149"
},
{
"name": "29782",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29782"
},
{
"name": "GLSA-200804-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-13.xml"
},
{
"name": "29242",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29242"
},
{
"name": "20071218 AST-2007-027 - Database matching order permits host-based authentication to be ignored",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/485287/100/0/threaded"
},
{
"name": "SUSE-SR:2008:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"name": "ADV-2007-4260",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4260"
},
{
"name": "DSA-1525",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"name": "3467",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3467"
},
{
"name": "39519",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/39519"
},
{
"name": "1019110",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019110"
},
{
"name": "asterisk-registration-security-bypass(39124)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39124"
},
{
"name": "29456",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29456"
},
{
"name": "26928",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26928"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.digium.com/pub/security/AST-2007-027.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations (\"realtime\") and host-based authentication, does not check the IP address when the username is correct and there is no password, which allows remote attackers to bypass authentication using a valid username."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28149",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28149"
},
{
"name": "29782",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29782"
},
{
"name": "GLSA-200804-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-13.xml"
},
{
"name": "29242",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29242"
},
{
"name": "20071218 AST-2007-027 - Database matching order permits host-based authentication to be ignored",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485287/100/0/threaded"
},
{
"name": "SUSE-SR:2008:005",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"name": "ADV-2007-4260",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4260"
},
{
"name": "DSA-1525",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"name": "3467",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3467"
},
{
"name": "39519",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/39519"
},
{
"name": "1019110",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019110"
},
{
"name": "asterisk-registration-security-bypass(39124)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39124"
},
{
"name": "29456",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29456"
},
{
"name": "26928",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26928"
},
{
"name": "http://downloads.digium.com/pub/security/AST-2007-027.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/security/AST-2007-027.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6430",
"datePublished": "2007-12-20T02:00:00",
"dateReserved": "2007-12-18T00:00:00",
"dateUpdated": "2024-08-07T16:02:36.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0041 (GCVE-0-2009-0041)
Vulnerability from cvelistv5
Published
2009-01-14 23:00
Modified
2024-08-07 04:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:17:10.507Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200905-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "20090108 AST-2009-001: Information leak in IAX2 authentication",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499884/100/0/threaded"
},
{
"name": "33453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33453"
},
{
"name": "4910",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4910"
},
{
"name": "33174",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33174"
},
{
"name": "37677",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37677"
},
{
"name": "DSA-1952",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1952"
},
{
"name": "1021549",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021549"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.digium.com/pub/security/AST-2009-001.html"
},
{
"name": "ADV-2009-0063",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0063"
},
{
"name": "34982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34982"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200905-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "20090108 AST-2009-001: Information leak in IAX2 authentication",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499884/100/0/threaded"
},
{
"name": "33453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33453"
},
{
"name": "4910",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4910"
},
{
"name": "33174",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33174"
},
{
"name": "37677",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37677"
},
{
"name": "DSA-1952",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1952"
},
{
"name": "1021549",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021549"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.digium.com/pub/security/AST-2009-001.html"
},
{
"name": "ADV-2009-0063",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0063"
},
{
"name": "34982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34982"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200905-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "20090108 AST-2009-001: Information leak in IAX2 authentication",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499884/100/0/threaded"
},
{
"name": "33453",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33453"
},
{
"name": "4910",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4910"
},
{
"name": "33174",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33174"
},
{
"name": "37677",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37677"
},
{
"name": "DSA-1952",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1952"
},
{
"name": "1021549",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021549"
},
{
"name": "http://downloads.digium.com/pub/security/AST-2009-001.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/security/AST-2009-001.html"
},
{
"name": "ADV-2009-0063",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0063"
},
{
"name": "34982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34982"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0041",
"datePublished": "2009-01-14T23:00:00",
"dateReserved": "2009-01-06T00:00:00",
"dateUpdated": "2024-08-07T04:17:10.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1289 (GCVE-0-2008-1289)
Vulnerability from cvelistv5
Published
2008-03-24 17:00
Modified
2024-08-07 08:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote attackers to (1) write a zero to an arbitrary memory location via a large RTP payload number, related to the ast_rtp_unset_m_type function in main/rtp.c; or (2) write certain integers to an arbitrary memory location via a large number of RTP payloads, related to the process_sdp function in channels/chan_sip.c.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.571Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28308",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28308"
},
{
"name": "3763",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3763"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.musecurity.com/advisories/MU-200803-01.txt"
},
{
"name": "asterisk-rtp-codecpayload-bo(41305)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41305"
},
{
"name": "1019628",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019628"
},
{
"name": "29426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29426"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.asterisk.org/node/48466"
},
{
"name": "FEDORA-2008-2554",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html"
},
{
"name": "20080318 AST-2008-002: Two buffer overflows in RTP Codec Payload Handling",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489817/100/0/threaded"
},
{
"name": "ADV-2008-0928",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-002.html"
},
{
"name": "FEDORA-2008-2620",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html"
},
{
"name": "asterisk-rtppayload-bo(41302)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41302"
},
{
"name": "29470",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29470"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote attackers to (1) write a zero to an arbitrary memory location via a large RTP payload number, related to the ast_rtp_unset_m_type function in main/rtp.c; or (2) write certain integers to an arbitrary memory location via a large number of RTP payloads, related to the process_sdp function in channels/chan_sip.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28308",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28308"
},
{
"name": "3763",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3763"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.musecurity.com/advisories/MU-200803-01.txt"
},
{
"name": "asterisk-rtp-codecpayload-bo(41305)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41305"
},
{
"name": "1019628",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019628"
},
{
"name": "29426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29426"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.asterisk.org/node/48466"
},
{
"name": "FEDORA-2008-2554",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html"
},
{
"name": "20080318 AST-2008-002: Two buffer overflows in RTP Codec Payload Handling",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489817/100/0/threaded"
},
{
"name": "ADV-2008-0928",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-002.html"
},
{
"name": "FEDORA-2008-2620",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html"
},
{
"name": "asterisk-rtppayload-bo(41302)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41302"
},
{
"name": "29470",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29470"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1289",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote attackers to (1) write a zero to an arbitrary memory location via a large RTP payload number, related to the ast_rtp_unset_m_type function in main/rtp.c; or (2) write certain integers to an arbitrary memory location via a large number of RTP payloads, related to the process_sdp function in channels/chan_sip.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28308",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28308"
},
{
"name": "3763",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3763"
},
{
"name": "http://labs.musecurity.com/advisories/MU-200803-01.txt",
"refsource": "MISC",
"url": "http://labs.musecurity.com/advisories/MU-200803-01.txt"
},
{
"name": "asterisk-rtp-codecpayload-bo(41305)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41305"
},
{
"name": "1019628",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019628"
},
{
"name": "29426",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29426"
},
{
"name": "http://www.asterisk.org/node/48466",
"refsource": "CONFIRM",
"url": "http://www.asterisk.org/node/48466"
},
{
"name": "FEDORA-2008-2554",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html"
},
{
"name": "20080318 AST-2008-002: Two buffer overflows in RTP Codec Payload Handling",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489817/100/0/threaded"
},
{
"name": "ADV-2008-0928",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"name": "http://downloads.digium.com/pub/security/AST-2008-002.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/security/AST-2008-002.html"
},
{
"name": "FEDORA-2008-2620",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html"
},
{
"name": "asterisk-rtppayload-bo(41302)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41302"
},
{
"name": "29470",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29470"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1289",
"datePublished": "2008-03-24T17:00:00",
"dateReserved": "2008-03-12T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1897 (GCVE-0-2008-1897)
Vulnerability from cvelistv5
Published
2008-04-23 00:00
Modified
2024-08-07 08:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x before 1.4.19.1; Business Edition A.x.x, B.x.x before B.2.5.2, and C.x.x before C.1.8.1; AsteriskNOW before 1.0.3; Appliance Developer Kit 0.x.x; and s800i before 1.1.0.3, when configured to allow unauthenticated calls, does not verify that an ACK response contains a call number matching the server's reply to a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed ACK response that does not complete a 3-way handshake. NOTE: this issue exists because of an incomplete fix for CVE-2008-1923.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:40:59.845Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200905-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "29927",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/29927"
},
{
"name": "asterisk-iax2protocol-ack-dos(41966)",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41966"
},
{
"name": "28901",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28901"
},
{
"name": "30010",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/30010"
},
{
"name": "ADV-2008-1324",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1324"
},
{
"tags": [
"x_transferred"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-006.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://bugs.digium.com/view.php?id=10078"
},
{
"name": "FEDORA-2008-3390",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00600.html"
},
{
"name": "20080422 AST-2008-006 - 3-way handshake in IAX2 incomplete",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491220/100/0/threaded"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.altsci.com/concepts/page.php?s=asteri\u0026p=2"
},
{
"name": "30042",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/30042"
},
{
"name": "DSA-1563",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1563"
},
{
"name": "34982",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/34982"
},
{
"name": "1019918",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019918"
},
{
"name": "FEDORA-2008-3365",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00581.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://downloads.asterisk.org/pub/security/AST-2008-006.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xrg/asterisk-xrg/commit/51714a24347dc57f9a208a4a8af84115ef407b83"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jcollie/asterisk/commit/a8b180875b037b8da26f6a3bcc8e5e98b8c904d2"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xrg/asterisk-xrg/commit/10da3dab24e8ca08cf2c983f8d0206e383535b5a"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jcollie/asterisk/commit/771b3d8749b34b6eea4e03a2e514380da9582f90"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/pruiz/asterisk/commit/e0ef9bd22810c6969a7f222eec04798f19a7e2d6"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jcollie/asterisk/commit/60de4fbbdf3ede49f158e23a9e3b679f2e519c1e"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mojolingo/asterisk/commit/20ac3662f137dbf7f42d5295590069a7d3b1166b"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/silentindark/asterisk-1/commit/fe8b7f31db687f8b9992864b82c93d22833019c7"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/kaoru6/asterisk/commit/1fe14f38dd43dc894d21f85762b51208ba5c8acb"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/lyx2014/Asterisk/commit/0670e43c30135044e25cca7f80e1833e2c128653"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x before 1.4.19.1; Business Edition A.x.x, B.x.x before B.2.5.2, and C.x.x before C.1.8.1; AsteriskNOW before 1.0.3; Appliance Developer Kit 0.x.x; and s800i before 1.1.0.3, when configured to allow unauthenticated calls, does not verify that an ACK response contains a call number matching the server\u0027s reply to a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed ACK response that does not complete a 3-way handshake. NOTE: this issue exists because of an incomplete fix for CVE-2008-1923."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T02:02:11.362982",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200905-01",
"tags": [
"vendor-advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "29927",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/29927"
},
{
"name": "asterisk-iax2protocol-ack-dos(41966)",
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41966"
},
{
"name": "28901",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/28901"
},
{
"name": "30010",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/30010"
},
{
"name": "ADV-2008-1324",
"tags": [
"vdb-entry"
],
"url": "http://www.vupen.com/english/advisories/2008/1324"
},
{
"url": "http://downloads.digium.com/pub/security/AST-2008-006.html"
},
{
"url": "http://bugs.digium.com/view.php?id=10078"
},
{
"name": "FEDORA-2008-3390",
"tags": [
"vendor-advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00600.html"
},
{
"name": "20080422 AST-2008-006 - 3-way handshake in IAX2 incomplete",
"tags": [
"mailing-list"
],
"url": "http://www.securityfocus.com/archive/1/491220/100/0/threaded"
},
{
"url": "http://www.altsci.com/concepts/page.php?s=asteri\u0026p=2"
},
{
"name": "30042",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/30042"
},
{
"name": "DSA-1563",
"tags": [
"vendor-advisory"
],
"url": "http://www.debian.org/security/2008/dsa-1563"
},
{
"name": "34982",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/34982"
},
{
"name": "1019918",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id?1019918"
},
{
"name": "FEDORA-2008-3365",
"tags": [
"vendor-advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00581.html"
},
{
"url": "https://downloads.asterisk.org/pub/security/AST-2008-006.html"
},
{
"url": "https://github.com/xrg/asterisk-xrg/commit/51714a24347dc57f9a208a4a8af84115ef407b83"
},
{
"url": "https://github.com/jcollie/asterisk/commit/a8b180875b037b8da26f6a3bcc8e5e98b8c904d2"
},
{
"url": "https://github.com/xrg/asterisk-xrg/commit/10da3dab24e8ca08cf2c983f8d0206e383535b5a"
},
{
"url": "https://github.com/jcollie/asterisk/commit/771b3d8749b34b6eea4e03a2e514380da9582f90"
},
{
"url": "https://github.com/pruiz/asterisk/commit/e0ef9bd22810c6969a7f222eec04798f19a7e2d6"
},
{
"url": "https://github.com/jcollie/asterisk/commit/60de4fbbdf3ede49f158e23a9e3b679f2e519c1e"
},
{
"url": "https://github.com/mojolingo/asterisk/commit/20ac3662f137dbf7f42d5295590069a7d3b1166b"
},
{
"url": "https://github.com/silentindark/asterisk-1/commit/fe8b7f31db687f8b9992864b82c93d22833019c7"
},
{
"url": "https://github.com/kaoru6/asterisk/commit/1fe14f38dd43dc894d21f85762b51208ba5c8acb"
},
{
"url": "https://github.com/lyx2014/Asterisk/commit/0670e43c30135044e25cca7f80e1833e2c128653"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1897",
"datePublished": "2008-04-23T00:00:00",
"dateReserved": "2008-04-20T00:00:00",
"dateUpdated": "2024-08-07T08:40:59.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3264 (GCVE-0-2008-3264)
Vulnerability from cvelistv5
Published
2008-07-24 15:18
Modified
2024-08-07 09:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.869Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1020536",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020536"
},
{
"name": "GLSA-200905-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "31194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31194"
},
{
"name": "ADV-2008-2168",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2168/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-011.html"
},
{
"name": "FEDORA-2008-6676",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00839.html"
},
{
"name": "31178",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31178"
},
{
"name": "asterisk-downloadprotocol-dos(43955)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43955"
},
{
"name": "30350",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30350"
},
{
"name": "20080722 AST-2008-011: Traffic amplification in IAX2 firmware provisioning system",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/494676/100/0/threaded"
},
{
"name": "34982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34982"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1020536",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020536"
},
{
"name": "GLSA-200905-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "31194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31194"
},
{
"name": "ADV-2008-2168",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2168/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-011.html"
},
{
"name": "FEDORA-2008-6676",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00839.html"
},
{
"name": "31178",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31178"
},
{
"name": "asterisk-downloadprotocol-dos(43955)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43955"
},
{
"name": "30350",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30350"
},
{
"name": "20080722 AST-2008-011: Traffic amplification in IAX2 firmware provisioning system",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/494676/100/0/threaded"
},
{
"name": "34982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34982"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3264",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1020536",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020536"
},
{
"name": "GLSA-200905-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "31194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31194"
},
{
"name": "ADV-2008-2168",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2168/references"
},
{
"name": "http://downloads.digium.com/pub/security/AST-2008-011.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/security/AST-2008-011.html"
},
{
"name": "FEDORA-2008-6676",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00839.html"
},
{
"name": "31178",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31178"
},
{
"name": "asterisk-downloadprotocol-dos(43955)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43955"
},
{
"name": "30350",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30350"
},
{
"name": "20080722 AST-2008-011: Traffic amplification in IAX2 firmware provisioning system",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/494676/100/0/threaded"
},
{
"name": "34982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34982"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3264",
"datePublished": "2008-07-24T15:18:00",
"dateReserved": "2008-07-22T00:00:00",
"dateUpdated": "2024-08-07T09:28:41.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2415 (GCVE-0-2012-2415)
Vulnerability from cvelistv5
Published
2012-04-30 20:00
Modified
2024-08-06 19:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in chan_skinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 allows remote authenticated users to cause a denial of service or possibly have unspecified other impact via a series of KEYPAD_BUTTON_MESSAGE events.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:24.320Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "81455",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81455"
},
{
"name": "DSA-2460",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2460"
},
{
"name": "asterisk-skinny-driver-bo(75102)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75102"
},
{
"name": "48941",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48941"
},
{
"name": "1026962",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026962"
},
{
"name": "53210",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53210"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-005.html"
},
{
"name": "FEDORA-2012-6724",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"name": "48891",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48891"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in chan_skinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 allows remote authenticated users to cause a denial of service or possibly have unspecified other impact via a series of KEYPAD_BUTTON_MESSAGE events."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-13T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "81455",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81455"
},
{
"name": "DSA-2460",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2460"
},
{
"name": "asterisk-skinny-driver-bo(75102)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75102"
},
{
"name": "48941",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48941"
},
{
"name": "1026962",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026962"
},
{
"name": "53210",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53210"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-005.html"
},
{
"name": "FEDORA-2012-6724",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"name": "48891",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48891"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2415",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in chan_skinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 allows remote authenticated users to cause a denial of service or possibly have unspecified other impact via a series of KEYPAD_BUTTON_MESSAGE events."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "81455",
"refsource": "OSVDB",
"url": "http://osvdb.org/81455"
},
{
"name": "DSA-2460",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2460"
},
{
"name": "asterisk-skinny-driver-bo(75102)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75102"
},
{
"name": "48941",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48941"
},
{
"name": "1026962",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026962"
},
{
"name": "53210",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53210"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2012-005.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-005.html"
},
{
"name": "FEDORA-2012-6724",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"name": "48891",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48891"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2415",
"datePublished": "2012-04-30T20:00:00",
"dateReserved": "2012-04-23T00:00:00",
"dateUpdated": "2024-08-06T19:34:24.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2948 (GCVE-0-2012-2948)
Vulnerability from cvelistv5
Published
2012-06-02 15:00
Modified
2024-08-06 19:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:05.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "asterisk-scd-dos(75937)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75937"
},
{
"name": "1027103",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027103"
},
{
"name": "DSA-2493",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2493"
},
{
"name": "53723",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53723"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-008.html"
},
{
"name": "49303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49303"
},
{
"name": "20120529 AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0145.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "asterisk-scd-dos(75937)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75937"
},
{
"name": "1027103",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027103"
},
{
"name": "DSA-2493",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2493"
},
{
"name": "53723",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53723"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-008.html"
},
{
"name": "49303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49303"
},
{
"name": "20120529 AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0145.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "asterisk-scd-dos(75937)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75937"
},
{
"name": "1027103",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027103"
},
{
"name": "DSA-2493",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2493"
},
{
"name": "53723",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53723"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2012-008.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-008.html"
},
{
"name": "49303",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49303"
},
{
"name": "20120529 AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0145.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2948",
"datePublished": "2012-06-02T15:00:00",
"dateReserved": "2012-05-29T00:00:00",
"dateUpdated": "2024-08-06T19:50:05.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1332 (GCVE-0-2008-1332)
Vulnerability from cvelistv5
Published
2008-03-20 00:00
Modified
2024-08-07 08:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x before 1.0.2; Appliance Developer Kit before 1.4 revision 109393; and s800i 1.0.x before 1.1.0.2; allows remote attackers to access the SIP channel driver via a crafted From header.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.472Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SR:2008:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
},
{
"name": "29782",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29782"
},
{
"name": "GLSA-200804-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-13.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-003.html"
},
{
"name": "28310",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28310"
},
{
"name": "20080318 AST-2008-003: Unauthenticated calls allowed from SIP channel driver",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/489818/100/0/threaded"
},
{
"name": "DSA-1525",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"name": "29426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29426"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.asterisk.org/node/48466"
},
{
"name": "FEDORA-2008-2554",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html"
},
{
"name": "1019629",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019629"
},
{
"name": "asterisk-sip-security-bypass(41308)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41308"
},
{
"name": "ADV-2008-0928",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"name": "FEDORA-2008-2620",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html"
},
{
"name": "29957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29957"
},
{
"name": "29456",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29456"
},
{
"name": "29470",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29470"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x before 1.0.2; Appliance Developer Kit before 1.4 revision 109393; and s800i 1.0.x before 1.1.0.2; allows remote attackers to access the SIP channel driver via a crafted From header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SR:2008:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
},
{
"name": "29782",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29782"
},
{
"name": "GLSA-200804-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200804-13.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-003.html"
},
{
"name": "28310",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28310"
},
{
"name": "20080318 AST-2008-003: Unauthenticated calls allowed from SIP channel driver",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/489818/100/0/threaded"
},
{
"name": "DSA-1525",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"name": "29426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29426"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.asterisk.org/node/48466"
},
{
"name": "FEDORA-2008-2554",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html"
},
{
"name": "1019629",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019629"
},
{
"name": "asterisk-sip-security-bypass(41308)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41308"
},
{
"name": "ADV-2008-0928",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"name": "FEDORA-2008-2620",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html"
},
{
"name": "29957",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29957"
},
{
"name": "29456",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29456"
},
{
"name": "29470",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29470"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1332",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x before 1.0.2; Appliance Developer Kit before 1.4 revision 109393; and s800i 1.0.x before 1.1.0.2; allows remote attackers to access the SIP channel driver via a crafted From header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SR:2008:010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
},
{
"name": "29782",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29782"
},
{
"name": "GLSA-200804-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-13.xml"
},
{
"name": "http://downloads.digium.com/pub/security/AST-2008-003.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/security/AST-2008-003.html"
},
{
"name": "28310",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28310"
},
{
"name": "20080318 AST-2008-003: Unauthenticated calls allowed from SIP channel driver",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489818/100/0/threaded"
},
{
"name": "DSA-1525",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"name": "29426",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29426"
},
{
"name": "http://www.asterisk.org/node/48466",
"refsource": "CONFIRM",
"url": "http://www.asterisk.org/node/48466"
},
{
"name": "FEDORA-2008-2554",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html"
},
{
"name": "1019629",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019629"
},
{
"name": "asterisk-sip-security-bypass(41308)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41308"
},
{
"name": "ADV-2008-0928",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"name": "FEDORA-2008-2620",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html"
},
{
"name": "29957",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29957"
},
{
"name": "29456",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29456"
},
{
"name": "29470",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29470"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1332",
"datePublished": "2008-03-20T00:00:00",
"dateReserved": "2008-03-13T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2416 (GCVE-0-2012-2416)
Vulnerability from cvelistv5
Published
2012-04-30 20:00
Modified
2024-08-06 19:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE message that triggers a connected-line update attempt without an associated channel.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:25.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-19770"
},
{
"name": "1026963",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026963"
},
{
"name": "81456",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81456"
},
{
"name": "53205",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53205"
},
{
"name": "asterisk-sipupdate-dos(75101)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75101"
},
{
"name": "FEDORA-2012-6724",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"name": "48891",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48891"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE message that triggers a connected-line update attempt without an associated channel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-13T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-19770"
},
{
"name": "1026963",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026963"
},
{
"name": "81456",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81456"
},
{
"name": "53205",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53205"
},
{
"name": "asterisk-sipupdate-dos(75101)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75101"
},
{
"name": "FEDORA-2012-6724",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"name": "48891",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48891"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2416",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE message that triggers a connected-line update attempt without an associated channel."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://issues.asterisk.org/jira/browse/ASTERISK-19770",
"refsource": "MISC",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-19770"
},
{
"name": "1026963",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026963"
},
{
"name": "81456",
"refsource": "OSVDB",
"url": "http://osvdb.org/81456"
},
{
"name": "53205",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53205"
},
{
"name": "asterisk-sipupdate-dos(75101)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75101"
},
{
"name": "FEDORA-2012-6724",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"name": "48891",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48891"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2012-006.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2416",
"datePublished": "2012-04-30T20:00:00",
"dateReserved": "2012-04-23T00:00:00",
"dateUpdated": "2024-08-06T19:34:25.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5558 (GCVE-0-2008-5558)
Vulnerability from cvelistv5
Published
2008-12-17 17:00
Modified
2024-08-07 10:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:56:47.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32773",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32773"
},
{
"name": "GLSA-200905-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "32956",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32956"
},
{
"name": "50675",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50675"
},
{
"name": "4769",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4769"
},
{
"name": "20081210 AST-2008-012: Remote crash vulnerability in IAX2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499117/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-012.html"
},
{
"name": "ADV-2008-3403",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3403"
},
{
"name": "34982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34982"
},
{
"name": "1021378",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021378"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32773",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32773"
},
{
"name": "GLSA-200905-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "32956",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32956"
},
{
"name": "50675",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50675"
},
{
"name": "4769",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4769"
},
{
"name": "20081210 AST-2008-012: Remote crash vulnerability in IAX2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499117/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-012.html"
},
{
"name": "ADV-2008-3403",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3403"
},
{
"name": "34982",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34982"
},
{
"name": "1021378",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021378"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5558",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32773",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32773"
},
{
"name": "GLSA-200905-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"name": "32956",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32956"
},
{
"name": "50675",
"refsource": "OSVDB",
"url": "http://osvdb.org/50675"
},
{
"name": "4769",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4769"
},
{
"name": "20081210 AST-2008-012: Remote crash vulnerability in IAX2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499117/100/0/threaded"
},
{
"name": "http://downloads.digium.com/pub/security/AST-2008-012.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/security/AST-2008-012.html"
},
{
"name": "ADV-2008-3403",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3403"
},
{
"name": "34982",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34982"
},
{
"name": "1021378",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021378"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5558",
"datePublished": "2008-12-17T17:00:00",
"dateReserved": "2008-12-15T00:00:00",
"dateUpdated": "2024-08-07T10:56:47.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2685 (GCVE-0-2013-2685)
Vulnerability from cvelistv5
Published
2013-03-29 18:00
Modified
2024-09-16 16:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Protocol (SDP) header.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:33.160Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2013-001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-20901"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Protocol (SDP) header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-29T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2013-001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-20901"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2685",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Protocol (SDP) header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://downloads.asterisk.org/pub/security/AST-2013-001.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2013-001.html"
},
{
"name": "https://issues.asterisk.org/jira/browse/ASTERISK-20901",
"refsource": "CONFIRM",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-20901"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2685",
"datePublished": "2013-03-29T18:00:00Z",
"dateReserved": "2013-03-25T00:00:00Z",
"dateUpdated": "2024-09-16T16:44:08.173Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2008-03-20 00:44
Modified
2025-04-09 00:30
Severity ?
Summary
Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by (1) the ast_verbose logging API call, or (2) the astman_append function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.digium.com/pub/security/AST-2008-004.html | Patch | |
| cve@mitre.org | http://secunia.com/advisories/29426 | ||
| cve@mitre.org | http://secunia.com/advisories/29456 | ||
| cve@mitre.org | http://securitytracker.com/id?1019630 | ||
| cve@mitre.org | http://www.asterisk.org/node/48466 | ||
| cve@mitre.org | http://www.debian.org/security/2008/dsa-1525 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/489823/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/28311 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/0928 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/41301 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.digium.com/pub/security/AST-2008-004.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29426 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29456 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1019630 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.asterisk.org/node/48466 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1525 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/489823/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/28311 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0928 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/41301 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | open_source | 1.6.0_beta1 | |
| asterisk | open_source | 1.6.0_beta2 | |
| asterisk | open_source | 1.6.0_beta3 | |
| asterisk | open_source | 1.6.0_beta4 | |
| asterisk | open_source | 1.6.0_beta5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "0ABFFC6C-C814-49A4-872E-3B8DC8AB1E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "07532423-02E0-424A-B84A-4997BF152B9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0_beta3:*:*:*:*:*:*:*",
"matchCriteriaId": "916BC7DD-8EB8-4782-BE9C-9927EB3E66FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0_beta4:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F0FFA4-B9AD-4934-87BC-F765AD0A16B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0_beta5:*:*:*:*:*:*:*",
"matchCriteriaId": "7B842E24-58B3-4630-9FC2-9DC0BA356D07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by (1) the ast_verbose logging API call, or (2) the astman_append function."
},
{
"lang": "es",
"value": "Vulnerabilidad de cadena de formato en Asterisk Open Source versiones 1.6.x anteriores a 1.6.0-beta6 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante la utilizaci\u00f3n de mensajes de eventos que no son manejados adecuadamente por (1) la llamda al API de registro ast_verbose o (2) la funci\u00f3n astman_append."
}
],
"id": "CVE-2008-1333",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-20T00:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-004.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29426"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29456"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019630"
},
{
"source": "cve@mitre.org",
"url": "http://www.asterisk.org/node/48466"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/489823/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28311"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019630"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.asterisk.org/node/48466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/489823/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41301"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-01-14 23:30
Modified
2025-04-09 00:30
Severity ?
Summary
IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.digium.com/pub/security/AST-2009-001.html | ||
| cve@mitre.org | http://secunia.com/advisories/33453 | ||
| cve@mitre.org | http://secunia.com/advisories/34982 | ||
| cve@mitre.org | http://secunia.com/advisories/37677 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200905-01.xml | ||
| cve@mitre.org | http://securityreason.com/securityalert/4910 | ||
| cve@mitre.org | http://www.debian.org/security/2009/dsa-1952 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/499884/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/33174 | Patch | |
| cve@mitre.org | http://www.securitytracker.com/id?1021549 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/0063 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.digium.com/pub/security/AST-2009-001.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33453 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34982 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37677 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200905-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/4910 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1952 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/499884/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/33174 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1021549 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/0063 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisk_business_edition | a | |
| asterisk | asterisk_business_edition | b.1.3.2 | |
| asterisk | asterisk_business_edition | b.1.3.3 | |
| asterisk | asterisk_business_edition | b.2.2.0 | |
| asterisk | asterisk_business_edition | b.2.2.1 | |
| asterisk | asterisk_business_edition | b.2.3.1 | |
| asterisk | asterisk_business_edition | b.2.3.2 | |
| asterisk | asterisk_business_edition | b.2.3.3 | |
| asterisk | asterisk_business_edition | b.2.3.4 | |
| asterisk | asterisk_business_edition | b.2.3.5 | |
| asterisk | asterisk_business_edition | b.2.3.6 | |
| asterisk | asterisk_business_edition | b.2.5.0 | |
| asterisk | asterisk_business_edition | b.2.5.1 | |
| asterisk | asterisk_business_edition | b.2.5.3 | |
| asterisk | asterisk_business_edition | c.1.0 | |
| asterisk | open_source | * | |
| asterisk | open_source | * | |
| asterisk | open_source | * | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0beta1 | |
| asterisk | open_source | 1.2.0beta2 | |
| asterisk | open_source | 1.2.1 | |
| asterisk | open_source | 1.2.2 | |
| asterisk | open_source | 1.2.2 | |
| asterisk | open_source | 1.2.3 | |
| asterisk | open_source | 1.2.3 | |
| asterisk | open_source | 1.2.10 | |
| asterisk | open_source | 1.2.10 | |
| asterisk | open_source | 1.2.11 | |
| asterisk | open_source | 1.2.11 | |
| asterisk | open_source | 1.2.12 | |
| asterisk | open_source | 1.2.12 | |
| asterisk | open_source | 1.2.12.1 | |
| asterisk | open_source | 1.2.12.1 | |
| asterisk | open_source | 1.2.13 | |
| asterisk | open_source | 1.2.13 | |
| asterisk | open_source | 1.2.14 | |
| asterisk | open_source | 1.2.14 | |
| asterisk | open_source | 1.2.15 | |
| asterisk | open_source | 1.2.15 | |
| asterisk | open_source | 1.2.16 | |
| asterisk | open_source | 1.2.16 | |
| asterisk | open_source | 1.2.17 | |
| asterisk | open_source | 1.2.17 | |
| asterisk | open_source | 1.2.18 | |
| asterisk | open_source | 1.2.18 | |
| asterisk | open_source | 1.2.19 | |
| asterisk | open_source | 1.2.19 | |
| asterisk | open_source | 1.2.20 | |
| asterisk | open_source | 1.2.20 | |
| asterisk | open_source | 1.2.21 | |
| asterisk | open_source | 1.2.21 | |
| asterisk | open_source | 1.2.21.1 | |
| asterisk | open_source | 1.2.21.1 | |
| asterisk | open_source | 1.2.22 | |
| asterisk | open_source | 1.2.22 | |
| asterisk | open_source | 1.2.23 | |
| asterisk | open_source | 1.2.23 | |
| asterisk | open_source | 1.2.24 | |
| asterisk | open_source | 1.2.24 | |
| asterisk | open_source | 1.2.25 | |
| asterisk | open_source | 1.2.25 | |
| asterisk | open_source | 1.2.26 | |
| asterisk | open_source | 1.2.26 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.2.27 | |
| asterisk | open_source | 1.2.28 | |
| asterisk | open_source | 1.2.29 | |
| asterisk | open_source | 1.2.30 | |
| asterisk | open_source | 1.2.30.2 | |
| asterisk | open_source | 1.2.30.3 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.1 | |
| asterisk | open_source | 1.4.2 | |
| asterisk | open_source | 1.4.3 | |
| asterisk | open_source | 1.4.4 | |
| asterisk | open_source | 1.4.5 | |
| asterisk | open_source | 1.4.6 | |
| asterisk | open_source | 1.4.7 | |
| asterisk | open_source | 1.4.7.1 | |
| asterisk | open_source | 1.4.8 | |
| asterisk | open_source | 1.4.9 | |
| asterisk | open_source | 1.4.10 | |
| asterisk | open_source | 1.4.10.1 | |
| asterisk | open_source | 1.4.11 | |
| asterisk | open_source | 1.4.12 | |
| asterisk | open_source | 1.4.12.1 | |
| asterisk | open_source | 1.4.13 | |
| asterisk | open_source | 1.4.14 | |
| asterisk | open_source | 1.4.15 | |
| asterisk | open_source | 1.4.16 | |
| asterisk | open_source | 1.4.16.1 | |
| asterisk | open_source | 1.4.16.2 | |
| asterisk | open_source | 1.4.17 | |
| asterisk | open_source | 1.4.18 | |
| asterisk | open_source | 1.4.18.1 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19.1 | |
| asterisk | open_source | 1.4.19.2 | |
| asterisk | open_source | 1.4.20 | |
| asterisk | open_source | 1.4.20 | |
| asterisk | open_source | 1.4.20 | |
| asterisk | open_source | 1.4.20 | |
| asterisk | open_source | 1.4.21 | |
| asterisk | open_source | 1.4.21 | |
| asterisk | open_source | 1.4.21 | |
| asterisk | open_source | 1.4.21.1 | |
| asterisk | open_source | 1.4.21.2 | |
| asterisk | open_source | 1.4.22 | |
| asterisk | open_source | 1.4.22 | |
| asterisk | open_source | 1.4.22 | |
| asterisk | open_source | 1.4.22.1 | |
| asterisk | open_source | 1.4.22.2 | |
| asterisk | open_source | 1.4.23 | |
| asterisk | open_source | 1.4.23 | |
| asterisk | open_source | 1.4.23 | |
| asterisk | open_source | 1.4_revision_95946 | |
| asterisk | open_source | 1.4beta | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0.1 | |
| asterisk | open_source | 1.6.0.2 | |
| asterisk | open_source | 1.6.0.3 | |
| asterisk | s800i_appliance | 1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24A5B8FE-5EB4-4EFD-957D-D0B7AADC55E5",
"versionEndIncluding": "b.2.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:beta8:*:*:*:*:*:*",
"matchCriteriaId": "5E583AB0-6127-4C34-B6C6-1837F5D0C2D6",
"versionEndIncluding": "c.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:a:*:*:*:*:*:*:*",
"matchCriteriaId": "313B3A38-8DEA-4D62-A1A4-0B6011E81870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "802F8680-AB38-41AF-BFC8-F6927F6B1626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAE8D90-B032-4C60-B487-BE655D00FFAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB64A872-B7B8-46A8-81E4-49EDAC160531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "21000270-C9B9-430C-A252-763887A15835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12F7CF45-5482-4947-8F1D-48C746987475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B64995D-7892-49AB-A89D-A5D15615C5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0397DBD4-EA00-444A-9008-4932F99DF325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCD865F-BC39-4255-A797-6E5945773337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3C2CF4-4A4B-4398-92DC-EAE43801D08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7203093-7209-4184-92CB-08AD73FAC379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4956871-4DD3-4299-8BEB-9D98A4449A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F796D547-034A-46FB-B245-3863C198AA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F04F844-79C4-41F3-9671-8B46460D0AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "F981A428-E7F3-4DE5-91DC-60A1C5C6C6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC6254A9-FDE8-4167-9B8F-BA387A813DCC",
"versionEndIncluding": "1.2.30.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:rc3:*:*:*:*:*:*",
"matchCriteriaId": "FD73983B-7A1A-4016-B5D6-EA1019CC8D35",
"versionEndIncluding": "1.4.23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8E0B464C-075E-4B62-B00A-53AA2613B619",
"versionEndIncluding": "1.6.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7971E1-F136-4ADC-95EC-BC4F92E838CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E62D108C-862D-4BDB-BE37-285AA4C9C59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "CF1422F3-829D-498C-83A6-02989DFB70A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CBEB9D69-A404-4053-92F9-CAC3481AFF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E816CCDB-4169-4F09-AE87-E467F4BE7685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "7435F043-F92B-4635-93CC-A2C39AAE1BCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B2F43B-8B69-4BF6-86B7-A225175FF068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27202966-2C41-4964-9497-1887D2A834C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1471B5A2-15BE-4E7C-BA49-2E6002F7C8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.2:netsec:*:*:*:*:*:*",
"matchCriteriaId": "65223182-1675-462C-AF67-4A48760A63F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7108D72F-5AFD-4EEF-B2A9-CA4FA792E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.3:netsec:*:*:*:*:*:*",
"matchCriteriaId": "DC7EB4CD-6436-4E0B-A620-9DF2AC8A3C66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9E79CCE5-C29B-4726-8D2F-BC20F70959BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:netsec:*:*:*:*:*:*",
"matchCriteriaId": "0CF6584D-A7BB-4BD5-8232-9293FEE4A971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F29C13DB-6F04-4B41-90A2-2408D70F3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:netsec:*:*:*:*:*:*",
"matchCriteriaId": "174D6B56-7D0F-46F0-849A-FD05CB348FAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4F734E-0E78-4957-B323-8E9FBA7FF15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:netsec:*:*:*:*:*:*",
"matchCriteriaId": "938F545A-F8A7-455E-8E5A-2B5454B6CE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4B117B-E945-4033-A79D-10DFAA3DF18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "E7C0897A-C841-4AAB-A6B3-1FCF7A99A60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6D866F-8189-4FFD-AA24-47C0A015C246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:netsec:*:*:*:*:*:*",
"matchCriteriaId": "B2BAA1B3-7DD3-4248-915D-2BCC0ACFA2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EBFB79-C269-4132-BFAB-451F66CE8289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:netsec:*:*:*:*:*:*",
"matchCriteriaId": "21612C17-7368-4108-B55B-5AB5CA6733E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E1028E-2C07-4BA3-B891-FA853A87B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8A0D57D7-15AD-4CDF-A5A7-AB83F8E6154E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9E74F577-70BD-4FAF-BCFD-10CD21FC5601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:netsec:*:*:*:*:*:*",
"matchCriteriaId": "06DB25C8-4EA5-465F-8EFA-BCA8D40F1795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "57BB03E2-E61C-4A94-82DF-8720698CE271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:netsec:*:*:*:*:*:*",
"matchCriteriaId": "A149F8C2-3DA5-44B2-A288-3482F3975824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1B30A36F-5CE6-4246-8752-176FB5999C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:netsec:*:*:*:*:*:*",
"matchCriteriaId": "9462B320-B69D-409D-8DCC-D8D6CA1A757D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F76DFD-4DAC-4B02-8967-B242CDEEF6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:netsec:*:*:*:*:*:*",
"matchCriteriaId": "ECCCBAE9-8FD4-43F0-9EF8-56E9BBA3D8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6A59BC20-3217-4584-9196-D1CD9E0D6B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:netsec:*:*:*:*:*:*",
"matchCriteriaId": "BEA0014A-659B-4533-A393-6D4ADC80EB0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "56F728BA-FC9E-4EEE-9A08-C9C7433BD8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8F1621F9-7C84-4CF0-BBCD-CEAEE8683BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C64DF29-5B3D-401E-885E-8E37FD577254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "346C9F65-B5FB-4A75-8E1B-137112F270D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7BF52A-2FF8-40ED-B757-28A1101DE8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:netsec:*:*:*:*:*:*",
"matchCriteriaId": "7EFEE380-0C64-4413-AF3A-45ABC8833500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "7A321C2D-852B-4498-ADD6-79956410AB94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8CA18FC6-1480-400E-A885-8CDAE45AA7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5F0DCF-C6A2-4A09-90C9-D70F174FDEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:netsec:*:*:*:*:*:*",
"matchCriteriaId": "93741261-378B-4C02-8D68-0E5F39128375",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C820538E-14EC-43C1-80DB-6AAE4905EF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:netsec:*:*:*:*:*:*",
"matchCriteriaId": "07CF9DD6-B624-49F0-A8E4-7EBCE7932BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E9562112-2505-4F78-86DE-F30EFAEE47D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:netsec:*:*:*:*:*:*",
"matchCriteriaId": "9EEA1E9C-C1FB-4EFD-86EA-DCF78C57FC35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A6D8FD0-C8C1-4868-9AF1-96B1949C18AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "5E20FAF7-9031-478E-A89C-D6FB3B5FDE3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72A840B4-216B-4063-997F-791FBC8C8658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:netsec:*:*:*:*:*:*",
"matchCriteriaId": "72375576-F857-4585-A677-A326D89A65B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "BE47A547-26E7-48F9-B0A6-2F65E04A1EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E1AEB744-FCF2-4A41-8866-9D1D20E6C6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.29:*:*:*:*:*:*:*",
"matchCriteriaId": "51E5EB34-30AD-4E81-8BD4-4AB905E52B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "4359322B-08D0-4710-A9C3-54BD4A17B800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30.2:*:*:*:*:*:*:*",
"matchCriteriaId": "78F84DF4-DBA7-430C-AF17-F52024EF80D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30.3:*:*:*:*:*:*:*",
"matchCriteriaId": "34266614-3588-485C-A609-37823F8499AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "967DF432-DEF4-4FA2-8C8D-19A7FB663A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "40850BF4-E252-4667-9B46-9B6FEF6E997D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "1BB01DD1-B29B-4210-88CC-9ADB3148A410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "5C0FA6A3-BFA9-4397-B75B-75C8357C36B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "295D4042-2D3C-481B-B969-2DDAC1161198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99E9EE2A-56AD-42BC-8CB0-D34091849B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96877A3E-B54B-4F31-B281-76CDC98B2D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D0B4503-42A6-4D88-954E-A662E91EC204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B73813-BCD8-429E-B9B9-D6665E026BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BBA3ECC-4F40-41CD-A6D7-BBD680DDBACC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9CBE2156-AF86-4C72-B33D-3FF83930F828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61408884-FBBF-4D94-A552-F99AB46DCED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4A527277-D97D-4B74-906F-7481BDBD96D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B57A32-7B83-4783-A244-C26301970444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "044FD0D0-FC92-4A01-B0D4-11A703EF21FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3477EC1A-9634-492C-B052-35770A9C9F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1C90F104-FA2C-4091-B149-1774AC982C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C9328768-7C08-4143-B5F8-F5C2D735D21A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C04E2B3-094B-4828-A2FC-BB66244A9F73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE3D31-4BB2-45A3-B085-8C91152A3152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0107D4-395E-45F1-B963-7618CCC007D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "53B8E11B-4984-45A8-A107-D276205988B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2495DB98-F923-4E60-86EC-2DBB7A98C90C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E186D125-996E-4900-A2B8-5CDC8B5D5136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27DC6CF7-4DF8-4472-A684-8CCB5E26FCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "88576385-EF03-408B-9775-B52E6AFFE48A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1A838577-2BA1-4792-8B69-6FB07FFD7727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEED3E1-13E0-46E6-8AAB-D24D2D04AE4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "ED2BF36F-CF10-4F24-970B-3D0BB7561C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BFC1BB05-15C6-4829-86EB-5B1BFA4B5B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AB77E88B-7233-4979-914E-24E671C1FB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C4FF0F09-0268-480F-A2F3-6F8C3F323EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1CCF9CAE-674A-4833-9D5C-FCBD865BE9F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1593E1-BF21-4DB9-A18E-9F221F3F9022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC8E9FE3-FA25-4054-876E-4A3CE6E71AFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "4BBAEADC-D1DE-46EF-808C-2F6D2A74D988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "AEF8EB4B-2947-4BD3-ADF3-345AEFE85B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E4476FB3-A759-49F5-ABDE-6D2A321B61BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DFC109C3-2F52-48BE-B07E-3D65F31C1012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "E54101A9-3967-4111-8A03-DA1BB23141BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D8B00600-1D45-41F7-9A10-97FB39012FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "D8CB2331-0F95-45E0-AF5B-0B9C74C5BA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4ADB6A7-76AC-4AE3-B1AA-9F8DFA635418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "776BC35C-CF37-4F4E-9FD5-EC351D4C2C2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F10DAABC-FF06-44FB-98EC-B6AD17C03FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.22:rc3:*:*:*:*:*:*",
"matchCriteriaId": "ACA8AFD5-4C7C-4876-93CA-C5B3E881C455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.22:rc4:*:*:*:*:*:*",
"matchCriteriaId": "547EEB2B-2ECA-4B00-83BB-CFAA11BE0145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.22.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83829E0F-C24B-4BD6-88EA-98898A9AD86E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C19141-823E-4057-A699-FD1DFF92DF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE7FE41-E749-49B8-99DF-19F9E7C4827A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E78234B-39B6-4DB4-A10F-AA55F174D4F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.23:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3984CF42-2431-4661-B333-C6721DF7123A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4_revision_95946:*:*:*:*:*:*:*",
"matchCriteriaId": "E3C6272B-D0C4-4EA5-AEE4-5A45DAA2DDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4beta:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8012CE-4D4B-4131-87E7-16D7907E3BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D4F88914-6097-4AF1-8337-DCF062EB88AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "8BDB49DC-5344-451E-B8D6-D02C3431CE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "B1FDA8D3-5082-479B-BA0A-F1E83D750B5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7305910F-42BA-44CE-A7AC-B6F74200B68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "B93EB4D6-3375-44BC-870F-714A3BC00C2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "52F60D6E-64EB-4223-8A79-595693B444C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta7.1:*:*:*:*:*:*",
"matchCriteriaId": "37CF29B9-4397-4298-9326-0443E666CDC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "7D85DA34-A977-4A82-8E79-7BFE064DE9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta9:*:*:*:*:*:*",
"matchCriteriaId": "1476EF7B-A6F8-4B10-AF0F-986EA6BA3116",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "98E222F0-4CAA-4247-A00D-C6CEC2E55198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "63744245-6126-47F6-B9F5-E936538140C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "C8805BEE-A4CF-45C2-B948-F1E8EF0A0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E474C33-B42A-4BB8-AC57-8A9071316240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B83B3132-7D78-4AC3-B83A-A6A20AA28993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0147FCED-AE75-4945-B76E-33F2AA764B9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:asterisk:s800i_appliance:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE03C02-BE4A-47B6-A2B4-68DAEC5AA47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
},
{
"lang": "es",
"value": "IAX2 en Asterisk Open Source v1.2.x anterior a v1.2.31, v1.4.x anterior a v1.4.23-rc4, y v1.6.x anterior a v1.6.0.3-rc2; Business Edition A.x.x, B.x.x anterior a B.2.5.7, C.1.x.x anterior a C.1.10.4, y C.2.x.x anterior a C.2.1.2.1; y s800i 1.2.x anterior a v1.3.0 responden de manera distinta ante un intento de acceso fallido dependiendo de si la cuenta de usuario existe, lo que permite a atacantes remotos listar nombres de usuario v\u00e1lidos."
}
],
"evaluatorComment": "Vendor Advisory: http://downloads.digium.com/pub/security/AST-2009-001.html",
"id": "CVE-2009-0041",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-01-14T23:30:00.187",
"references": [
{
"source": "cve@mitre.org",
"url": "http://downloads.digium.com/pub/security/AST-2009-001.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33453"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34982"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/37677"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4910"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1952"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/499884/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/33174"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021549"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.digium.com/pub/security/AST-2009-001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/499884/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/33174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0063"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-04-01 16:55
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Protocol (SDP) header.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.asterisk.org/pub/security/AST-2013-001.html | ||
| cve@mitre.org | https://issues.asterisk.org/jira/browse/ASTERISK-20901 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.asterisk.org/pub/security/AST-2013-001.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.asterisk.org/jira/browse/ASTERISK-20901 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.1 | |
| asterisk | open_source | 11.0.2 | |
| asterisk | open_source | 11.1.0 | |
| asterisk | open_source | 11.1.0 | |
| asterisk | open_source | 11.1.0 | |
| asterisk | open_source | 11.1.1 | |
| asterisk | open_source | 11.1.2 | |
| asterisk | open_source | 11.2.0 | |
| asterisk | open_source | 11.2.0 | |
| asterisk | open_source | 11.2.0 | |
| asterisk | open_source | 11.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0D8EF3-6BA5-4C60-8130-DF62A9592CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "1B00830D-18F2-4A68-926A-2FD397674F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "3C2E04B4-C70D-40AE-AEA5-0D39304F6C18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9C86349C-EBD4-4857-9B4B-7A608F32BBCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7E88AC6C-50F6-486D-B0D0-97477FCD520D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "171B2532-F5D2-4C3C-9C23-405839F590BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5923D0-F168-404B-9190-871D52D74DAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "50617F5A-5BAE-4C4A-975A-B23E9171ABDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BE09B558-576C-461C-8089-8EE59F168ADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "83DEBCA4-F4CC-4E78-A80F-C673105FA868",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3720E8-67C2-492D-9DBA-6ED9085CB01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "28E2C7E4-226C-4420-856D-E420633E301F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA3CDE0-AAE5-48A4-98C3-767CCCC3C9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B73137F-79EA-48DD-B29E-41DB8C20711B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1F185B3E-9594-4AFD-B16B-6C82A03B93B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3740427-BBC9-4D76-9F54-C13AF097CD05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Protocol (SDP) header."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en res/res_format_attr_h264.c en Asterisk Open Source v11.x antes de v11.2.2 que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un long sprop-parameter-sets el atributo media H.264 en un SIP Protocolo de Descripci\u00f3n de Sesi\u00f3n (SDP) encabezado."
}
],
"id": "CVE-2013-2685",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-01T16:55:03.893",
"references": [
{
"source": "cve@mitre.org",
"url": "http://downloads.asterisk.org/pub/security/AST-2013-001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-20901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.asterisk.org/pub/security/AST-2013-001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-20901"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-04-01 16:55
Modified
2025-04-11 00:51
Severity ?
Summary
The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x before C.3.8.1; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones exhibits different behavior for invalid INVITE, SUBSCRIBE, and REGISTER transactions depending on whether the user account exists, which allows remote attackers to enumerate account names by (1) reading HTTP status codes, (2) reading additional text in a 403 (aka Forbidden) response, or (3) observing whether certain retransmissions occur.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.asterisk.org/pub/security/AST-2013-003.html | Vendor Advisory | |
| cve@mitre.org | https://issues.asterisk.org/jira/browse/ASTERISK-21013 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.asterisk.org/pub/security/AST-2013-003.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.asterisk.org/jira/browse/ASTERISK-21013 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1.1 | |
| asterisk | open_source | 1.8.1.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2.1 | |
| asterisk | open_source | 1.8.2.2 | |
| asterisk | open_source | 1.8.2.3 | |
| asterisk | open_source | 1.8.2.4 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3.1 | |
| asterisk | open_source | 1.8.3.2 | |
| asterisk | open_source | 1.8.3.3 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4.1 | |
| asterisk | open_source | 1.8.4.2 | |
| asterisk | open_source | 1.8.4.3 | |
| asterisk | open_source | 1.8.4.4 | |
| asterisk | open_source | 1.8.5 | |
| asterisk | open_source | 1.8.5.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.1 | |
| asterisk | open_source | 1.8.7.2 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.1 | |
| asterisk | open_source | 1.8.8.2 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.1 | |
| asterisk | open_source | 1.8.9.2 | |
| asterisk | open_source | 1.8.9.3 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.1 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.1 | |
| asterisk | open_source | 1.8.12 | |
| asterisk | open_source | 1.8.12.0 | |
| asterisk | open_source | 1.8.12.0 | |
| asterisk | open_source | 1.8.12.0 | |
| asterisk | open_source | 1.8.12.1 | |
| asterisk | open_source | 1.8.12.2 | |
| asterisk | open_source | 1.8.13.0 | |
| asterisk | open_source | 1.8.13.0 | |
| asterisk | open_source | 1.8.13.0 | |
| asterisk | open_source | 1.8.13.1 | |
| asterisk | open_source | 1.8.14.0 | |
| asterisk | open_source | 1.8.14.0 | |
| asterisk | open_source | 1.8.14.0 | |
| asterisk | open_source | 1.8.14.1 | |
| asterisk | open_source | 1.8.15.0 | |
| asterisk | open_source | 1.8.15.0 | |
| asterisk | open_source | 1.8.15.1 | |
| asterisk | open_source | 1.8.16.0 | |
| asterisk | open_source | 1.8.16.0 | |
| asterisk | open_source | 1.8.16.0 | |
| asterisk | open_source | 1.8.17.0 | |
| asterisk | open_source | 1.8.17.0 | |
| asterisk | open_source | 1.8.17.0 | |
| asterisk | open_source | 1.8.17.0 | |
| asterisk | open_source | 1.8.18.0 | |
| asterisk | open_source | 1.8.18.0 | |
| asterisk | open_source | 1.8.18.1 | |
| asterisk | open_source | 1.8.19.0 | |
| asterisk | open_source | 1.8.19.0 | |
| asterisk | open_source | 1.8.19.0 | |
| asterisk | open_source | 1.8.19.1 | |
| asterisk | open_source | 1.8.20.0 | |
| asterisk | open_source | 1.8.20.0 | |
| asterisk | open_source | 1.8.20.0 | |
| asterisk | open_source | 1.8.20.1 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.1 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.1 | |
| asterisk | open_source | 10.1.2 | |
| asterisk | open_source | 10.1.3 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.1 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.1 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.1 | |
| asterisk | open_source | 10.4.2 | |
| asterisk | open_source | 10.5.0 | |
| asterisk | open_source | 10.5.0 | |
| asterisk | open_source | 10.5.0 | |
| asterisk | open_source | 10.5.1 | |
| asterisk | open_source | 10.5.2 | |
| asterisk | open_source | 10.6.0 | |
| asterisk | open_source | 10.6.0 | |
| asterisk | open_source | 10.6.0 | |
| asterisk | open_source | 10.6.1 | |
| asterisk | open_source | 10.7.0 | |
| asterisk | open_source | 10.7.0 | |
| asterisk | open_source | 10.7.1 | |
| asterisk | open_source | 10.8.0 | |
| asterisk | open_source | 10.8.0 | |
| asterisk | open_source | 10.8.0 | |
| asterisk | open_source | 10.9.0 | |
| asterisk | open_source | 10.9.0 | |
| asterisk | open_source | 10.9.0 | |
| asterisk | open_source | 10.9.0 | |
| asterisk | open_source | 10.10.0 | |
| asterisk | open_source | 10.10.0 | |
| asterisk | open_source | 10.10.0 | |
| asterisk | open_source | 10.10.1 | |
| asterisk | open_source | 10.11.0 | |
| asterisk | open_source | 10.11.0 | |
| asterisk | open_source | 10.11.0 | |
| asterisk | open_source | 10.11.1 | |
| asterisk | open_source | 10.12.0 | |
| asterisk | open_source | 10.12.0 | |
| asterisk | open_source | 10.12.0 | |
| asterisk | open_source | 10.12.1 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.1 | |
| asterisk | open_source | 11.0.2 | |
| asterisk | open_source | 11.1.0 | |
| asterisk | open_source | 11.1.0 | |
| asterisk | open_source | 11.1.0 | |
| asterisk | open_source | 11.1.1 | |
| asterisk | open_source | 11.1.2 | |
| asterisk | open_source | 11.2.0 | |
| asterisk | open_source | 11.2.0 | |
| asterisk | open_source | 11.2.0 | |
| asterisk | open_source | 11.2.1 | |
| asterisk | certified_asterisk | 1.8.15 | |
| asterisk | certified_asterisk | 1.8.15 | |
| asterisk | certified_asterisk | 1.8.15 | |
| asterisk | certified_asterisk | 1.8.15 | |
| asterisk | certified_asterisk | 1.8.15.0 | |
| asterisk | certified_asterisk | 1.8.15.0 | |
| asterisk | business_edition | c.3.2.2 | |
| asterisk | business_edition | c.3.3 | |
| asterisk | business_edition | c.3.3.2 | |
| asterisk | digiumphones | 10.0.0 | |
| asterisk | digiumphones | 10.0.0 | |
| asterisk | digiumphones | 10.0.0 | |
| asterisk | digiumphones | 10.0.0 | |
| asterisk | digiumphones | 10.0.0 | |
| asterisk | digiumphones | 10.0.0 | |
| asterisk | digiumphones | 10.1.0 | |
| asterisk | digiumphones | 10.1.0 | |
| asterisk | digiumphones | 10.1.0 | |
| asterisk | digiumphones | 10.2.0 | |
| asterisk | digiumphones | 10.2.0 | |
| asterisk | digiumphones | 10.2.0 | |
| asterisk | digiumphones | 10.2.0 | |
| asterisk | digiumphones | 10.2.0 | |
| asterisk | digiumphones | 10.3.0 | |
| asterisk | digiumphones | 10.3.0 | |
| asterisk | digiumphones | 10.3.0 | |
| asterisk | digiumphones | 10.4.0 | |
| asterisk | digiumphones | 10.4.0 | |
| asterisk | digiumphones | 10.4.0 | |
| asterisk | digiumphones | 10.4.0 | |
| asterisk | digiumphones | 10.5.0 | |
| asterisk | digiumphones | 10.5.0 | |
| asterisk | digiumphones | 10.5.0 | |
| asterisk | digiumphones | 10.6.0 | |
| asterisk | digiumphones | 10.6.0 | |
| asterisk | digiumphones | 10.6.0 | |
| asterisk | digiumphones | 10.7.0 | |
| asterisk | digiumphones | 10.7.0 | |
| asterisk | digiumphones | 10.8.0 | |
| asterisk | digiumphones | 10.8.0 | |
| asterisk | digiumphones | 10.8.0 | |
| asterisk | digiumphones | 10.9.0 | |
| asterisk | digiumphones | 10.10.0 | |
| asterisk | digiumphones | 10.10.0 | |
| asterisk | digiumphones | 10.10.0 | |
| asterisk | digiumphones | 10.11.0 | |
| asterisk | digiumphones | 10.11.0 | |
| asterisk | digiumphones | 10.11.0 | |
| asterisk | digiumphones | 10.11.0 | |
| asterisk | digiumphones | 10.12.0 | |
| asterisk | digiumphones | 10.12.0 | |
| asterisk | digiumphones | 10.12.0 | |
| asterisk | digiumphones | 10.12.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE48FBD-2560-4477-ABD2-C90729523BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "97F03C40-6B70-41D1-96CF-DD5F2924D0C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "B8F0B6E3-37B8-4780-BB17-D471A7AB7E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "445941A9-EE2C-45C0-BCEB-9EC7F9F9439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7C60A84B-E0BC-491B-B6E6-76E658BB91EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "035B04BC-C132-4CF6-9FE4-561A4104F392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE6A2723-FAE7-4A87-A2A3-E94D9CC2DCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "37612FE6-C8B7-4925-81F5-ADB82A8F101E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "92181940-ED5C-442C-82BA-4F0F233FB11B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "28EEF1DB-00C6-4DFC-BB48-C4A308F60DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67CE3E94-341F-4D0C-937E-39B119925C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5C721635-2801-40E8-B5FE-734054D718D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93F81ACF-615F-4EF5-BD73-74F4010B43D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D773468A-4C2D-4B88-BAB6-C2D892A304C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15ED9311-9E4E-4998-BD99-CDEB8E4F2C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "815F7045-FC6D-4D57-A7AE-F63B0FC67251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56BAE9D7-7A67-40D0-B864-66E76EBA5A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B82FFB08-0FCD-4839-95F4-97C09EB7E921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10C54588-265A-4955-8C73-38ADB664EF0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D84681-F861-49BE-832F-20EBAD3B60C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2313F843-0F74-4FC9-92A2-1F721BB4C490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "09918CFC-C6A0-45ED-91EA-A4D9295C6CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "23E24161-31DB-4739-B16D-B0BDF5151307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E28DAA35-FBC2-4C87-BC1F-396A0FE86C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5E4B4F-49B7-41CB-803B-47A0081C3112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27D37142-F88C-42DE-A0FD-B17AB7981963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A5BD7C-3491-456A-A333-481977280F5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F7AFBC1D-7357-4A20-BF9D-C5B58155DAAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C85B74B6-EA5C-43C1-98C4-B09C41D9D8CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "12711E11-F6CF-4A61-83FD-AD3748D7C47B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86E83CDF-E3B5-48A8-B526-67A1618B97AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C8B329-AC4C-46E5-BAC3-B2B72C16A453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5A81245B-0276-4D51-A3B4-9CC7233C9A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC30C27-32BD-42A9-814E-123BD18F416B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "676BA331-833E-4C8B-A523-2116752567B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A7D38CAA-BECD-4FD7-8E42-72CB2B1DC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F211C14-8E50-4FB7-82EA-FE6975290DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0698EDFB-D156-4572-9008-0243FA6FD2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16350161-9CF1-4AD3-954C-598D249CF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "24EB6F7B-AD3C-42A2-B811-3CF3EEDD8438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "7AC55C54-7AD7-49BE-A050-DC6878391208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B208EBB-0387-4223-A196-CE142E6B908B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "095BF874-0E0B-4F8F-8A11-ED096DD3A824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4067E71D-93A8-4B56-AE4A-FCB6E31577E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D301553-EF77-4494-A893-FDC12E6A8C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35362678-3960-40E0-BB94-4642F09DDB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "779DEAC5-CBC7-4844-9A2E-97AEB49704EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "913D2C84-B987-4DEE-8F9E-0FDF14BECE2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "63889FD0-714B-4E02-8F34-00E4857A544A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A15B538D-DC9D-46B4-A455-341E8A2831E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8FE32479-5D98-443F-8FA9-F6281726BDF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "78841A3E-7D56-4737-9815-E1144FD0A44A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6CE8D88-E407-4E9F-8418-E95C16A55358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDEDE38-79FE-4B21-BE42-E8AA14475AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC295454-D897-425C-BFC8-91A72865A132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3830A3E2-09A1-487E-8EFA-27F8B4C61CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CAC942FB-83A2-4698-B410-F4C6AED0849A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86ED40AD-0A52-4B4C-B4CA-F8D1A4CAF866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7128AC5-5DD7-4BD3-B14C-4ADA155DD5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2C32DA-44CE-4407-84B2-02B0D0474000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B032B5-06AB-4ABE-B51E-DE5C13458C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07FC62DE-74D3-42A9-94E8-6DCE62F3D2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39E78E52-2AA4-42A5-9CE6-22DF2CF01704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3DF04D4C-DFED-4E71-BA0C-854823BB41CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "518A8882-B1A6-408E-9B39-F01034A50190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2EBBB850-2AE6-4EC1-993F-AD7AF2E80008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F33168AF-A3FB-4694-9DC8-CC28A7C3B3E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1075D5D-5F81-4E26-90B0-60659B8D36B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6880B042-11B1-430F-90A1-70F93FC5BAF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0F074B06-6788-47AB-8C39-BA5E2E39ACC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47805A52-856B-4C30-A04F-0B683FDBE075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACB7C4A-7CF7-4D57-B65D-741AFA6393EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "85522E25-E76C-4CCF-AB7C-A74E1703D919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AC3BE912-0B42-416B-A0E2-B17FDF07BAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "4FC9C2FB-A77B-4242-B4A1-92112E1C19B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41CA6DD3-FD39-482B-83AA-FE24055E9B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C28AB9A1-54B6-4C9A-8E4C-52A3BF147DE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28E4852C-4444-40BB-8DBB-51EC97D6BD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.13.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "602E20C8-9DFF-4D11-8F1E-F7E943E8FE30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.13.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DC5CE37E-7BAC-45D5-AD09-8823D893627C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B38DE1B4-44CF-4199-B739-5880F6492216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B25558F4-2DF6-4C00-969F-67F7C2A05668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.14.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8EFFEF57-8097-42B1-AC4F-20CEFAC4AFA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.14.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6DFF8BD7-7287-40B2-8BAC-46C85440882D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "00C94601-5C7E-4B9B-A8C9-A78C7E529864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1926E877-9EA2-457B-B501-6E07760B38A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.15.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "604956F2-5FE8-4D0A-A5EF-20E6D0E89933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42D8445A-8F8D-47D3-BBE4-687BD00D2E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9DF848-DEFC-4F1C-81BF-BFD2E142565E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.16.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BBB8E443-4A8D-405D-AF18-D56EE3D3AB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.16.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5BAE4B32-F771-4DEA-9665-C862F3BA38B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21E8BAFB-6973-48DE-9835-93464882712A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.17.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "57BF8BF0-DAD0-472B-9A13-34633F2BED91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.17.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "06E40764-4AFD-4DAA-BC96-46881EB55F5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.17.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "412E6FAF-60A4-44DF-A1E5-BFBB127367B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBFEE9B-B3D5-4659-A833-03804A010474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.18.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6F127574-4C2A-4D0D-9601-B369C9E75BC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "23A58518-4619-4B6C-A01E-875E7A02B563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.19.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A56402C5-9408-4A7C-A6BF-DF1707EE19F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.19.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "145FF5F2-E4DC-42AD-B320-A9A82D517073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.19.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "217B4501-AEBA-4417-87D8-0C18779F16F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3784F3AC-0A54-4453-85C9-33C5AF05564E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39900193-C2F2-424E-95A9-B7EF637A3F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.20.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "589B3B1E-5BCB-4BA3-B4A6-CD9FAF8AD05D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.20.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0B5C6294-7BB5-4749-8F90-7AB3786696F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E2D3320-3A6E-4756-9314-78E5027CDD88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DD2B8E-6AB1-45CD-85F5-E0F5234585BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "52BDDAC0-5CEE-4054-8930-EAF25FE528FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1CEB28DD-EAEA-45AF-8D7B-09E93AFABA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "12BCF63F-DA77-48A1-861D-F6E710E3CA16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AD0D03FF-3FF6-40D0-A78E-CBDEA4FE4F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "66666CD2-8921-4641-AD72-21F4386DC731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E55A7B81-4661-4E77-94FE-DA8D6261DC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C549DD5-68F9-44FC-92B9-09A0E6F87315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "51407A8B-AF19-43FA-8D57-A6A35D465D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "911CCAF6-6E29-43B6-AF76-909016CD46ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "964672AE-C840-465E-BE8A-8E19D9C060AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "48827211-8F2F-4801-A5CD-77B07D1DD320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2463AD2-B341-494C-87AF-73B69B75D162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B46E218-9EFA-4224-BC5D-1A2F38559E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6F1F43E8-6159-46FA-8BF5-360EA9D466BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F75E0A69-9251-4CE1-9E83-188F0D35DEFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "17E6BD3C-B88D-4C80-B77F-2A95767B9A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3AC1C9EC-A84F-401B-BF59-F4938B6A2F59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5DACA8-EBD6-4854-A32E-EDBD8C28B3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6AB0DE5-0843-4A7A-A1C9-2FD7924FBEDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "335F9C06-5E40-4E14-B018-15151E14414D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9E8F15FB-C6B5-4A4F-A7AD-E2BF0162D1DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC77FCCF-EE5C-4121-A0AF-B9DC71E72C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C33423-6093-4DC9-BCFF-77003776373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9DEA8945-9ACD-4CE7-A5E6-5207E16C663E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B2A7FC21-74FF-48BF-9BA8-A143FCB2BF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C4FCD6B4-ED33-424F-AD30-64227894B0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC59D23-316D-43FC-9BA9-67E8BDAF5F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "59556035-E04B-4350-BD3B-A3935C28C6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2F73501-BE0D-4130-8077-D5D853E91F1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3C72C50B-12C1-4A1C-B51F-F66244C18CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6D3A3D9A-9F63-44FD-BF14-2DC3AE8C0D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56C40572-5FBE-4A39-AF3D-A335873BF660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "844232F0-D524-44E0-B420-2992BC0FED11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D73A9C29-4270-4126-9D6B-3780F6F3D7D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A402F4F2-73BC-49B1-B5DD-9231F090BFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "410D67F4-C941-4CBE-8D82-673217EE7FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45244F02-B71A-4692-BDAD-34C37ACAB676",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA73D5CD-0BBC-42EF-9693-265A0566E789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0574B440-5004-4F47-B657-1672E9092A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88E1F128-276F-4883-A93C-D5C7282925DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5392F1-57AC-4208-9646-42098CCEF80B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9D11D64C-6E1F-4014-88D2-F5FB61D66C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "036281DD-6F0A-4810-A1D3-952077896808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2749712C-929A-43F4-B58A-F9F777DBD84D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "92AD9878-F87D-43AC-BE2B-514977F5A182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1A9089A8-55D4-4992-BAC0-FE5BE3E2F472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F33E93C3-D4A3-4A38-84E1-0D3CB8915418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A1EE57-D8ED-4A2E-BE71-043E06EA4F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BC400500-F1CF-4D13-A18E-25B5EE70F3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A215C07A-6E8C-4EEB-AD94-68A75BE7DB52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9764E3-DA33-4A31-97C7-E523D6DE6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "703FBE7B-CAD4-43B4-920D-DFC28CFFB7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.11.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "00750678-5A5E-4A75-A405-3D42E1CB147A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "31228737-2F7E-434A-B4FE-E1C9BB71D893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A84F1317-E44E-4CD4-8979-DC335AD8B457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D358E8-6399-4568-9ECC-CA084B80129C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1DC34227-26A7-44C1-B5CB-C7328134316B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.12.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E2E2701A-489E-4A9C-9E5C-01661E599BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D13892E-0D45-438B-A126-439335B47C90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0D8EF3-6BA5-4C60-8130-DF62A9592CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "1B00830D-18F2-4A68-926A-2FD397674F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "3C2E04B4-C70D-40AE-AEA5-0D39304F6C18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9C86349C-EBD4-4857-9B4B-7A608F32BBCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7E88AC6C-50F6-486D-B0D0-97477FCD520D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "171B2532-F5D2-4C3C-9C23-405839F590BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5923D0-F168-404B-9190-871D52D74DAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "50617F5A-5BAE-4C4A-975A-B23E9171ABDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BE09B558-576C-461C-8089-8EE59F168ADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "83DEBCA4-F4CC-4E78-A80F-C673105FA868",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3720E8-67C2-492D-9DBA-6ED9085CB01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "28E2C7E4-226C-4420-856D-E420633E301F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA3CDE0-AAE5-48A4-98C3-767CCCC3C9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B73137F-79EA-48DD-B29E-41DB8C20711B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1F185B3E-9594-4AFD-B16B-6C82A03B93B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3740427-BBC9-4D76-9F54-C13AF097CD05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.15:cert1:*:*:*:*:*:*",
"matchCriteriaId": "E6025382-31C8-4227-B44F-856FD014B283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.15:cert1:rc1:*:*:*:*:*",
"matchCriteriaId": "0DAEE2C6-008C-476D-8464-3C616E5CA805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.15:cert1:rc2:*:*:*:*:*",
"matchCriteriaId": "688A1BA8-A195-41E9-812D-F4400EFA5B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.15:cert1:rc3:*:*:*:*:*",
"matchCriteriaId": "177A2158-B36D-4B6D-9FEA-2DF32830AE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84E1FF-10CB-45AA-B2EC-6FB6E78C6D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.15.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "83726255-3A94-49A7-A43F-414CA0A814FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:business_edition:c.3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72528F09-D212-4CE8-A2B7-7A6CFCB9A199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:business_edition:c.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CAEC99E3-65A4-4BD4-9421-49F9E6D828A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:business_edition:c.3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9FB6BA-1281-4097-8A70-62B691468C63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0188A765-4376-4EDC-8070-74B6882253B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "98F95DCC-6B40-42D6-BDA4-8BBE5C4AB4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "28051F65-0862-438F-B4D6-1F7F1B93A76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "344BE33A-2345-48C4-91EB-58C4EC2499B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C38C7220-D25C-4399-A414-0541A44DCD6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E69A7B6F-1D33-471D-80B2-37D30817FD7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7DA77C-2D86-4815-905F-78B9B55B4790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D4C5D9FD-24AD-4C73-ACA3-924AA2D4C041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "039D01BB-9B67-467B-9E5D-89208C4F9595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "87B7DFEB-9DDF-4DE7-A295-869F810FD5BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C0C0F3B5-97EF-4806-AD51-DD201F35F44B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E08D0CC7-7339-4468-9CC6-7007D859160C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "ACAF81C5-D3B2-4D7E-BD1F-2FFCEDE3E2B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3146A017-A6A5-4C3D-8138-EBE552A99F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEECF41-6AFA-4067-ADB4-EA53A6C77740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "271F0ACA-F4F5-4FD9-8F39-56722EE40D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "AEAF9BED-896B-4E0D-AE2A-65ADA2B96876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32A45F41-BA2A-4878-82BA-2C1EE3301708",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "AAEBB11B-AC3A-46C2-94F6-7B68994E47C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "28A8C554-04E9-4A86-B2CA-12B19BF5BD9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.4.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "CC2E7D4E-2713-4F50-A646-8643FA31C74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "295AE899-CE46-4904-AA88-F05D857D50F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EC070B60-E90E-432F-AF02-5BCD6CFA8902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6FE1237-4974-4F87-BB44-1608D5879856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14248FC6-A833-4918-AC6D-94DC75E28D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0FA03327-13B9-488D-A1D7-59AB07926B22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2CC53629-1F20-4B22-9465-63250F917007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62F912BF-1512-45E8-9035-750F083D60B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "540F8042-4B26-4078-ACE7-DBAC45D4FA93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17DC68FD-F05E-4821-BAA1-5A871C8C39AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6093D29F-64F8-4E3E-B6C4-646D0D6A6B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "9424B04A-6262-4E31-BFD3-F5849EF32771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39147BA2-6F85-4E88-A896-B5F5C571A835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A54E95F9-2CFC-43C6-AF6B-44ABC5555C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB53F9D1-14EC-4B00-9A72-E086D2EB27F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4C48AD83-84B9-4A92-8C88-FC4F966644DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39202DF6-359E-4A62-98B4-D42A5F899717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.11.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C7134E96-F5EF-4E87-9B11-DAA2A1D90761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.11.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2A761C15-53E2-4BDC-AF7B-86BCB7F10466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C3288F41-D446-4899-9AC7-60EB72145ACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44027DC7-1BD6-4F17-AD4F-6D6457B779FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "170DEF44-9D18-4C9E-919F-5B7CC2C7D727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.12.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1674C43B-51DE-484C-8B87-CF3256589BDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CEFB68A-9C07-468F-A118-315D8DB21897",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x before C.3.8.1; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones exhibits different behavior for invalid INVITE, SUBSCRIBE, and REGISTER transactions depending on whether the user account exists, which allows remote attackers to enumerate account names by (1) reading HTTP status codes, (2) reading additional text in a 403 (aka Forbidden) response, or (3) observing whether certain retransmissions occur."
},
{
"lang": "es",
"value": "El controlador del canal SIP en Asterisk Open Source v1.8.x antes de v1.8.20.2, v10.x antes v10.12.2 y v11.2.2 anterior a v11.x; Certified Asterisk v1.8.15 antes v1.8.15-cert2, Asterisk Business Edition (BE) vC.3.x antes vC.3.8.1 y Digiumphones Asterisk 10.x-digiumphones antes v10.12.2-digiumphones muestra un comportamiento diferente para transacciones INVITE, SUBSCRIBE y REGISTER inv\u00e1lidas en funci\u00f3n de si la cuenta de usuario existe, lo que permite a atacantes remotos para enumerar los nombres de cuenta de (1) los c\u00f3digos de estado HTTP de lectura, (2) la lectura de un texto adicional en un 403 (tambi\u00e9n conocido como Forbidden) respuesta, o (3) observando si se producen ciertas retransmisiones."
}
],
"id": "CVE-2013-2264",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-01T16:55:03.747",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2013-003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-21013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2013-003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-21013"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-30 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE message that triggers a connected-line update attempt without an associated channel.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.asterisk.org/pub/security/AST-2012-006.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html | ||
| cve@mitre.org | http://osvdb.org/81456 | ||
| cve@mitre.org | http://secunia.com/advisories/48891 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/53205 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1026963 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/75101 | ||
| cve@mitre.org | https://issues.asterisk.org/jira/browse/ASTERISK-19770 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.asterisk.org/pub/security/AST-2012-006.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/81456 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48891 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/53205 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026963 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/75101 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.asterisk.org/jira/browse/ASTERISK-19770 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.1 | |
| asterisk | open_source | 1.6.2.1 | |
| asterisk | open_source | 1.6.2.2 | |
| asterisk | open_source | 1.6.2.3 | |
| asterisk | open_source | 1.6.2.4 | |
| asterisk | open_source | 1.6.2.5 | |
| asterisk | open_source | 1.6.2.6 | |
| asterisk | open_source | 1.6.2.6 | |
| asterisk | open_source | 1.6.2.6 | |
| asterisk | open_source | 1.6.2.7 | |
| asterisk | open_source | 1.6.2.7 | |
| asterisk | open_source | 1.6.2.7 | |
| asterisk | open_source | 1.6.2.7 | |
| asterisk | open_source | 1.6.2.8 | |
| asterisk | open_source | 1.6.2.8 | |
| asterisk | open_source | 1.6.2.9 | |
| asterisk | open_source | 1.6.2.9 | |
| asterisk | open_source | 1.6.2.9 | |
| asterisk | open_source | 1.6.2.9 | |
| asterisk | open_source | 1.6.2.10 | |
| asterisk | open_source | 1.6.2.10 | |
| asterisk | open_source | 1.6.2.10 | |
| asterisk | open_source | 1.6.2.11 | |
| asterisk | open_source | 1.6.2.11 | |
| asterisk | open_source | 1.6.2.11 | |
| asterisk | open_source | 1.6.2.12 | |
| asterisk | open_source | 1.6.2.12 | |
| asterisk | open_source | 1.6.2.13 | |
| asterisk | open_source | 1.6.2.14 | |
| asterisk | open_source | 1.6.2.14 | |
| asterisk | open_source | 1.6.2.15 | |
| asterisk | open_source | 1.6.2.15 | |
| asterisk | open_source | 1.6.2.15.1 | |
| asterisk | open_source | 1.6.2.16 | |
| asterisk | open_source | 1.6.2.16 | |
| asterisk | open_source | 1.6.2.16.1 | |
| asterisk | open_source | 1.6.2.16.2 | |
| asterisk | open_source | 1.6.2.17 | |
| asterisk | open_source | 1.6.2.17 | |
| asterisk | open_source | 1.6.2.17 | |
| asterisk | open_source | 1.6.2.17 | |
| asterisk | open_source | 1.6.2.17.1 | |
| asterisk | open_source | 1.6.2.17.2 | |
| asterisk | open_source | 1.6.2.17.3 | |
| asterisk | open_source | 1.6.2.18 | |
| asterisk | open_source | 1.6.2.18 | |
| asterisk | open_source | 1.6.2.18.1 | |
| asterisk | open_source | 1.6.2.18.2 | |
| asterisk | open_source | 1.6.2.19 | |
| asterisk | open_source | 1.6.2.19 | |
| asterisk | open_source | 1.6.2.20 | |
| asterisk | open_source | 1.6.2.21 | |
| asterisk | open_source | 1.6.2.22 | |
| asterisk | open_source | 1.6.2.23 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1.1 | |
| asterisk | open_source | 1.8.1.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2.1 | |
| asterisk | open_source | 1.8.2.2 | |
| asterisk | open_source | 1.8.2.3 | |
| asterisk | open_source | 1.8.2.4 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3.1 | |
| asterisk | open_source | 1.8.3.2 | |
| asterisk | open_source | 1.8.3.3 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4.1 | |
| asterisk | open_source | 1.8.4.2 | |
| asterisk | open_source | 1.8.4.3 | |
| asterisk | open_source | 1.8.4.4 | |
| asterisk | open_source | 1.8.5 | |
| asterisk | open_source | 1.8.5.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.1 | |
| asterisk | open_source | 1.8.7.2 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.1 | |
| asterisk | open_source | 1.8.8.2 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.1 | |
| asterisk | open_source | 1.8.9.2 | |
| asterisk | open_source | 1.8.9.3 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.1 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.1 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.1 | |
| asterisk | open_source | 10.1.2 | |
| asterisk | open_source | 10.1.3 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.1 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1442DC6C-2248-41E7-BDB4-084B123A6B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F1A4AAE7-00D5-490B-AA19-A42508ECBC8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DC64764B-C531-419C-8BB8-30C5F63C7EA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "7A5F9E61-B614-4C47-82AC-D16B457C266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "20FE8D05-A577-4EEC-ABBA-8051582975F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "4A216714-9F2B-45D7-B2A7-1F67751EA967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc7:*:*:*:*:*:*",
"matchCriteriaId": "42417475-610C-4A81-8B02-794640F8DDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc8:*:*:*:*:*:*",
"matchCriteriaId": "5A259435-BBB8-453B-82D3-2E4EE3BD9371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5834D5D3-F6FD-44C0-B7C1-34D715141A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F894080-DE73-4005-B2FE-E431F38D7EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F70BA9D-6EDA-4859-90D1-EB69B48C2B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "33428429-33B5-4312-97E3-9A4B8A8F4C55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6E2126-B737-4C88-A66A-B88CB16476D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E6992A-73EB-401D-A905-D53313F28727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3345E-4260-4636-83DB-887F0733D7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "95C61533-C030-4B97-A94C-E44315BB6FCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.6:rc2:*:*:*:*:*:*",
"matchCriteriaId": "91D670A7-2D38-4C50-96C2-3F3CA0F43515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39C637DF-5963-4C7C-8EF1-9A44E94AFE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8452C108-EF47-4C57-A505-D5B5AD5B1C79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "40411DE4-CBDB-40D2-95A2-800EB554D1D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "519DF434-8CF5-4F5E-80EF-4BBDA94DCD0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A5DD7471-1DA5-44EC-BD21-B0E0BFC58B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9520C54-8FD9-45FC-B64F-4E06D7E3E66B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9226B072-E5CF-40F7-B48D-8982054D1D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "AC3B7AB5-FDC5-4175-B519-F749BE62AF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E7CA9765-F31C-41CF-9911-02E4309715E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A7A94C77-0762-45E8-9869-98D0E5F164E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6F0D2EE6-EDB9-4A0C-B31E-0B941DB912D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FDC7A9FA-5424-4A04-94D2-079FAF09BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "952F6925-EE1F-49EC-84A6-53A1A375FDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "83E972B3-9787-47C9-9420-C66AE9C48CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F90ABE6-6B41-49BD-84BA-69A7BFEC23E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5C76827E-FA7E-42D3-A8E0-12566B461AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C35260-7A25-4259-B158-D5F825DB881B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16F66401-3A90-440F-88FD-C738806D168F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E323B610-AC45-4D24-87B9-0092AA9EFF39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "DA54B75D-08C0-4182-8345-266240396A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7B9A8A55-2D6B-4434-BBD1-C7D80D0132C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDA8DC8-7299-4DC5-9426-524F6EEF75F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "37C926F8-EC9F-49DD-8490-621843D41946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4795C86-CC4A-462A-B87A-FD32EA2889C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C03CED60-D582-493B-8D7C-FB3CB81D3647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8FFBAFC0-B9C6-40F3-B7EF-DE6F23F8D644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35358757-6A14-48A0-BE40-B05F9A7451A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9B2CD0-0C61-4C9C-8B42-EA64D22BBE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "13D262E7-7A67-4622-8416-748519C80CDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E0DCFB72-505A-486E-A096-87AB639F4710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C44F91FC-DC0C-4BB9-9FD0-1C7AAEA3D150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0316776E-CD3B-4DEF-ABCA-5806A398E327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6E83FA56-DC43-4E3F-B9EB-136DE64E78A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5646D4C3-8491-4735-97A6-26688523512F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17.3:*:*:*:*:*:*:*",
"matchCriteriaId": "90F7E035-9464-4921-8859-5854D47347B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE2F8D1-EC83-4CD8-A565-F59DCEC71120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.18:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4B763606-23A8-4159-9ECF-0766B13E8200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA56E892-06D2-496A-ADFD-CBEC70DA1E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.18.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF01FF3C-5BA1-4758-97B4-633A20AB4C00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7A201AA6-B612-476C-9555-870B58FE3169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B7889CE9-E2AB-4590-B447-ACCB21CB8E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "981A63D1-B6E2-4A38-8FB6-883E08BCE12F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF33946-9E1F-4992-BA76-46227BDC1885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "03FB9FF6-100C-4643-9E34-9EC43F214C90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "4A30A7DF-2754-4C03-92F7-0028613C7165",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE48FBD-2560-4477-ABD2-C90729523BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "97F03C40-6B70-41D1-96CF-DD5F2924D0C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "B8F0B6E3-37B8-4780-BB17-D471A7AB7E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "445941A9-EE2C-45C0-BCEB-9EC7F9F9439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7C60A84B-E0BC-491B-B6E6-76E658BB91EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "035B04BC-C132-4CF6-9FE4-561A4104F392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE6A2723-FAE7-4A87-A2A3-E94D9CC2DCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "37612FE6-C8B7-4925-81F5-ADB82A8F101E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "92181940-ED5C-442C-82BA-4F0F233FB11B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "28EEF1DB-00C6-4DFC-BB48-C4A308F60DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67CE3E94-341F-4D0C-937E-39B119925C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5C721635-2801-40E8-B5FE-734054D718D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93F81ACF-615F-4EF5-BD73-74F4010B43D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D773468A-4C2D-4B88-BAB6-C2D892A304C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15ED9311-9E4E-4998-BD99-CDEB8E4F2C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "815F7045-FC6D-4D57-A7AE-F63B0FC67251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56BAE9D7-7A67-40D0-B864-66E76EBA5A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B82FFB08-0FCD-4839-95F4-97C09EB7E921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10C54588-265A-4955-8C73-38ADB664EF0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D84681-F861-49BE-832F-20EBAD3B60C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2313F843-0F74-4FC9-92A2-1F721BB4C490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "09918CFC-C6A0-45ED-91EA-A4D9295C6CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "23E24161-31DB-4739-B16D-B0BDF5151307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E28DAA35-FBC2-4C87-BC1F-396A0FE86C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5E4B4F-49B7-41CB-803B-47A0081C3112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27D37142-F88C-42DE-A0FD-B17AB7981963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A5BD7C-3491-456A-A333-481977280F5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F7AFBC1D-7357-4A20-BF9D-C5B58155DAAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C85B74B6-EA5C-43C1-98C4-B09C41D9D8CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "12711E11-F6CF-4A61-83FD-AD3748D7C47B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86E83CDF-E3B5-48A8-B526-67A1618B97AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C8B329-AC4C-46E5-BAC3-B2B72C16A453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5A81245B-0276-4D51-A3B4-9CC7233C9A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC30C27-32BD-42A9-814E-123BD18F416B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "676BA331-833E-4C8B-A523-2116752567B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A7D38CAA-BECD-4FD7-8E42-72CB2B1DC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F211C14-8E50-4FB7-82EA-FE6975290DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0698EDFB-D156-4572-9008-0243FA6FD2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16350161-9CF1-4AD3-954C-598D249CF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "24EB6F7B-AD3C-42A2-B811-3CF3EEDD8438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "7AC55C54-7AD7-49BE-A050-DC6878391208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B208EBB-0387-4223-A196-CE142E6B908B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "095BF874-0E0B-4F8F-8A11-ED096DD3A824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4067E71D-93A8-4B56-AE4A-FCB6E31577E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D301553-EF77-4494-A893-FDC12E6A8C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35362678-3960-40E0-BB94-4642F09DDB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "779DEAC5-CBC7-4844-9A2E-97AEB49704EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "913D2C84-B987-4DEE-8F9E-0FDF14BECE2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "63889FD0-714B-4E02-8F34-00E4857A544A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A15B538D-DC9D-46B4-A455-341E8A2831E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8FE32479-5D98-443F-8FA9-F6281726BDF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "78841A3E-7D56-4737-9815-E1144FD0A44A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6CE8D88-E407-4E9F-8418-E95C16A55358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDEDE38-79FE-4B21-BE42-E8AA14475AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC295454-D897-425C-BFC8-91A72865A132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3830A3E2-09A1-487E-8EFA-27F8B4C61CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CAC942FB-83A2-4698-B410-F4C6AED0849A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86ED40AD-0A52-4B4C-B4CA-F8D1A4CAF866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7128AC5-5DD7-4BD3-B14C-4ADA155DD5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2C32DA-44CE-4407-84B2-02B0D0474000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B032B5-06AB-4ABE-B51E-DE5C13458C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07FC62DE-74D3-42A9-94E8-6DCE62F3D2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39E78E52-2AA4-42A5-9CE6-22DF2CF01704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3DF04D4C-DFED-4E71-BA0C-854823BB41CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "518A8882-B1A6-408E-9B39-F01034A50190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2EBBB850-2AE6-4EC1-993F-AD7AF2E80008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F33168AF-A3FB-4694-9DC8-CC28A7C3B3E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6880B042-11B1-430F-90A1-70F93FC5BAF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0F074B06-6788-47AB-8C39-BA5E2E39ACC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DD2B8E-6AB1-45CD-85F5-E0F5234585BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "52BDDAC0-5CEE-4054-8930-EAF25FE528FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1CEB28DD-EAEA-45AF-8D7B-09E93AFABA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "12BCF63F-DA77-48A1-861D-F6E710E3CA16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AD0D03FF-3FF6-40D0-A78E-CBDEA4FE4F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "66666CD2-8921-4641-AD72-21F4386DC731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E55A7B81-4661-4E77-94FE-DA8D6261DC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C549DD5-68F9-44FC-92B9-09A0E6F87315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "51407A8B-AF19-43FA-8D57-A6A35D465D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "911CCAF6-6E29-43B6-AF76-909016CD46ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "964672AE-C840-465E-BE8A-8E19D9C060AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "48827211-8F2F-4801-A5CD-77B07D1DD320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2463AD2-B341-494C-87AF-73B69B75D162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B46E218-9EFA-4224-BC5D-1A2F38559E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6F1F43E8-6159-46FA-8BF5-360EA9D466BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F75E0A69-9251-4CE1-9E83-188F0D35DEFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "17E6BD3C-B88D-4C80-B77F-2A95767B9A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3AC1C9EC-A84F-401B-BF59-F4938B6A2F59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5DACA8-EBD6-4854-A32E-EDBD8C28B3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6AB0DE5-0843-4A7A-A1C9-2FD7924FBEDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "335F9C06-5E40-4E14-B018-15151E14414D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9E8F15FB-C6B5-4A4F-A7AD-E2BF0162D1DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE message that triggers a connected-line update attempt without an associated channel."
},
{
"lang": "es",
"value": "chan_sip.c en el controlador de canal SIP en Asterisk Open Source v1.8.x anterior a v1.8.11.1 y v10.x anterior a v10.3.1 y Asterisk Business Edition C.3.x anterior a C.3.7.4, cuando la opci\u00f3n trustrpid est\u00e1 activada, permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) mediante el env\u00edo de un mensaje de actualizaci\u00f3n SIP que desencadena un intento de actualizaci\u00f3n de la l\u00ednea conectada sin un canal asociado."
}
],
"id": "CVE-2012-2416",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-30T20:55:02.703",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-006.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/81456"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48891"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/53205"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026963"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75101"
},
{
"source": "cve@mitre.org",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-19770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/81456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-19770"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-02 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2012-05/0145.html | ||
| cve@mitre.org | http://downloads.asterisk.org/pub/security/AST-2012-008.html | ||
| cve@mitre.org | http://secunia.com/advisories/49303 | ||
| cve@mitre.org | http://www.debian.org/security/2012/dsa-2493 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/53723 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1027103 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/75937 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2012-05/0145.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.asterisk.org/pub/security/AST-2012-008.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/49303 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2493 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/53723 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1027103 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/75937 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | certified_asterisk | 1.8.11 | |
| asterisk | certified_asterisk | 1.8.11 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.5 | |
| asterisk | open_source | 1.8.5.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.12 | |
| asterisk | open_source | 1.8.12.0 | |
| asterisk | open_source | 1.8.12.0 | |
| asterisk | open_source | 1.8.12.0 | |
| sangoma | asterisk | * | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.3 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.0 | |
| sangoma | asterisk | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert:*:*:*:*:*:*",
"matchCriteriaId": "4889B1B5-5160-476E-A1C0-BEAE63C85CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert1:*:*:*:*:*:*",
"matchCriteriaId": "62867AEF-D685-4B1F-8AB9-D1CCAC559821",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE48FBD-2560-4477-ABD2-C90729523BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "97F03C40-6B70-41D1-96CF-DD5F2924D0C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "B8F0B6E3-37B8-4780-BB17-D471A7AB7E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "445941A9-EE2C-45C0-BCEB-9EC7F9F9439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7C60A84B-E0BC-491B-B6E6-76E658BB91EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "035B04BC-C132-4CF6-9FE4-561A4104F392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E21DF0C9-16E4-44B0-8749-85F7F245A87A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE6A2723-FAE7-4A87-A2A3-E94D9CC2DCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "37612FE6-C8B7-4925-81F5-ADB82A8F101E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "92181940-ED5C-442C-82BA-4F0F233FB11B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "28EEF1DB-00C6-4DFC-BB48-C4A308F60DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67CE3E94-341F-4D0C-937E-39B119925C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5C721635-2801-40E8-B5FE-734054D718D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15ED9311-9E4E-4998-BD99-CDEB8E4F2C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "815F7045-FC6D-4D57-A7AE-F63B0FC67251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "09918CFC-C6A0-45ED-91EA-A4D9295C6CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A7D38CAA-BECD-4FD7-8E42-72CB2B1DC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F211C14-8E50-4FB7-82EA-FE6975290DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0698EDFB-D156-4572-9008-0243FA6FD2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16350161-9CF1-4AD3-954C-598D249CF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "24EB6F7B-AD3C-42A2-B811-3CF3EEDD8438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "7AC55C54-7AD7-49BE-A050-DC6878391208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B208EBB-0387-4223-A196-CE142E6B908B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "095BF874-0E0B-4F8F-8A11-ED096DD3A824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4067E71D-93A8-4B56-AE4A-FCB6E31577E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "779DEAC5-CBC7-4844-9A2E-97AEB49704EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "913D2C84-B987-4DEE-8F9E-0FDF14BECE2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "63889FD0-714B-4E02-8F34-00E4857A544A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A15B538D-DC9D-46B4-A455-341E8A2831E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8FE32479-5D98-443F-8FA9-F6281726BDF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "78841A3E-7D56-4737-9815-E1144FD0A44A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC295454-D897-425C-BFC8-91A72865A132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3830A3E2-09A1-487E-8EFA-27F8B4C61CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CAC942FB-83A2-4698-B410-F4C6AED0849A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86ED40AD-0A52-4B4C-B4CA-F8D1A4CAF866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07FC62DE-74D3-42A9-94E8-6DCE62F3D2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39E78E52-2AA4-42A5-9CE6-22DF2CF01704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3DF04D4C-DFED-4E71-BA0C-854823BB41CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "518A8882-B1A6-408E-9B39-F01034A50190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2EBBB850-2AE6-4EC1-993F-AD7AF2E80008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1075D5D-5F81-4E26-90B0-60659B8D36B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6880B042-11B1-430F-90A1-70F93FC5BAF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0F074B06-6788-47AB-8C39-BA5E2E39ACC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACB7C4A-7CF7-4D57-B65D-741AFA6393EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "85522E25-E76C-4CCF-AB7C-A74E1703D919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AC3BE912-0B42-416B-A0E2-B17FDF07BAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "4FC9C2FB-A77B-4242-B4A1-92112E1C19B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8D9B19-BD1E-4E1C-A1C3-6C64A6612233",
"versionEndIncluding": "1.8.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DD2B8E-6AB1-45CD-85F5-E0F5234585BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "52BDDAC0-5CEE-4054-8930-EAF25FE528FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1CEB28DD-EAEA-45AF-8D7B-09E93AFABA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "12BCF63F-DA77-48A1-861D-F6E710E3CA16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AD0D03FF-3FF6-40D0-A78E-CBDEA4FE4F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "66666CD2-8921-4641-AD72-21F4386DC731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C549DD5-68F9-44FC-92B9-09A0E6F87315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "51407A8B-AF19-43FA-8D57-A6A35D465D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "911CCAF6-6E29-43B6-AF76-909016CD46ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B46E218-9EFA-4224-BC5D-1A2F38559E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6F1F43E8-6159-46FA-8BF5-360EA9D466BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F75E0A69-9251-4CE1-9E83-188F0D35DEFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "17E6BD3C-B88D-4C80-B77F-2A95767B9A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3AC1C9EC-A84F-401B-BF59-F4938B6A2F59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB76519-FD6D-4D74-8DF7-719822588C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6AB0DE5-0843-4A7A-A1C9-2FD7924FBEDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "335F9C06-5E40-4E14-B018-15151E14414D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9E8F15FB-C6B5-4A4F-A7AD-E2BF0162D1DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9DEA8945-9ACD-4CE7-A5E6-5207E16C663E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B2A7FC21-74FF-48BF-9BA8-A143FCB2BF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C4FCD6B4-ED33-424F-AD30-64227894B0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E7D4883-79E3-4DD1-A555-136A0664E94E",
"versionEndIncluding": "10.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode."
},
{
"lang": "es",
"value": "chan_skinny.c en el controlador de canal de Skinny (alias SCCP) en Certified Asterisk 1.8.11-cert antes de v1.8.11-cert2 y Asterisk Open Source v1.8.x antes de v1.8.12.1 y v10.x antes de v10.4.1, permite a usuarios autenticados remotamente provocar una denegaci\u00f3n de servicio (eliminar la referencia del puntero NULL y ca\u00edda demonio) por el cierre de una conexi\u00f3n en el modo de descuelgue."
}
],
"id": "CVE-2012-2948",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-02T15:55:01.027",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0145.html"
},
{
"source": "cve@mitre.org",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-008.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/49303"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2012/dsa-2493"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/53723"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027103"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0145.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.asterisk.org/pub/security/AST-2012-008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/49303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75937"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-01-08 02:46
Modified
2025-04-09 00:30
Severity ?
Summary
The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.digium.com/view.php?id=11637 | Patch | |
| cve@mitre.org | http://downloads.digium.com/pub/security/AST-2008-001.html | Patch | |
| cve@mitre.org | http://secunia.com/advisories/28299 | ||
| cve@mitre.org | http://secunia.com/advisories/28312 | Patch, Vendor Advisory | |
| cve@mitre.org | http://securityreason.com/securityalert/3520 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/485727/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/27110 | Exploit, Patch | |
| cve@mitre.org | http://www.securitytracker.com/id?1019152 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/0019 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/39361 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00167.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.digium.com/view.php?id=11637 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.digium.com/pub/security/AST-2008-001.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28299 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28312 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/3520 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/485727/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/27110 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1019152 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0019 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/39361 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00167.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | asterisk_appliance_developer_kit | * | |
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisknow | * | |
| asterisk | open_source | * | |
| asterisk | s800i | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6AD937-90F0-4359-85DD-038604F64D2D",
"versionEndIncluding": "1.4_revision_95945",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "526991C1-D07E-465C-A609-704C19F8096A",
"versionEndIncluding": "c.1.0beta7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C896A32E-906D-4AD0-A00B-11DC064CBA6E",
"versionEndIncluding": "beta_6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EF54E7-C4A1-474F-9D89-18E13F620F42",
"versionEndIncluding": "1.4.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA6388A-09B4-4338-8228-3E27500DD521",
"versionEndIncluding": "1.0.3.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference."
},
{
"lang": "es",
"value": "El controlador de canal SIP de Asterisk Open Source 1.4.x versiones anteriores a 1.4.17, Business Edition versiones anteriores a C.1.0-beta8, AsteriskNOW versiones anteriores a beta7, Appliance Developer Kit versiones anteriores a Asterisk 1.4 revision 95946, y Appliance s800i 1.0.x versiones anteriores a 1.0.3.4 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (c\u00e1ida de demonio) mediante un mensaje BYE con una cabecera Also (tranfiere tambi\u00e9n), que dispara un referencia a puntero NULL."
}
],
"id": "CVE-2008-0095",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-01-08T02:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://bugs.digium.com/view.php?id=11637"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-001.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28299"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28312"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3520"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/485727/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/27110"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019152"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0019"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39361"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00167.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://bugs.digium.com/view.php?id=11637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3520"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/485727/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/27110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00167.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-23 16:05
Modified
2025-04-09 00:30
Severity ?
Summary
The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72630 and 1.4 before revision 65679, when configured to allow unauthenticated calls, sends "early audio" to an unverified source IP address of a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed NEW message.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.digium.com/view.php?id=10078 | ||
| cve@mitre.org | http://downloads.digium.com/pub/security/AST-2008-006.html | ||
| cve@mitre.org | http://www.altsci.com/concepts/page.php?s=asteri&p=1 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/42049 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.digium.com/view.php?id=10078 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.digium.com/pub/security/AST-2008-006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.altsci.com/concepts/page.php?s=asteri&p=1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/42049 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | asterisk_appliance_developer_kit | * | |
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisk_business_edition | a | |
| asterisk | asterisk_business_edition | b.1.3.2 | |
| asterisk | asterisk_business_edition | b.1.3.3 | |
| asterisk | asterisk_business_edition | b.2.2.0 | |
| asterisk | asterisk_business_edition | b.2.2.1 | |
| asterisk | asterisk_business_edition | b.2.3.1 | |
| asterisk | asterisk_business_edition | b.2.3.2 | |
| asterisk | asterisk_business_edition | b.2.3.3 | |
| asterisk | asterisk_business_edition | b.2.3.4 | |
| asterisk | asterisk_business_edition | b.2.5.0 | |
| asterisk | asterisk_business_edition | c.1.0-beta7 | |
| asterisk | asterisk_business_edition | c.1.0-beta8 | |
| asterisk | asterisk_business_edition | c.1.0beta7 | |
| asterisk | asterisk_business_edition | c.1.6.1 | |
| asterisk | asterisknow | * | |
| asterisk | asterisknow | 1.0 | |
| asterisk | asterisknow | 1.0.1 | |
| asterisk | open_source | 1.0 | |
| asterisk | open_source | 1.0.0 | |
| asterisk | open_source | 1.0.1 | |
| asterisk | open_source | 1.0.2 | |
| asterisk | open_source | 1.0.3 | |
| asterisk | open_source | 1.0.4 | |
| asterisk | open_source | 1.0.5 | |
| asterisk | open_source | 1.0.6 | |
| asterisk | open_source | 1.0.7 | |
| asterisk | open_source | 1.0.8 | |
| asterisk | open_source | 1.0.9 | |
| asterisk | open_source | 1.0.11 | |
| asterisk | open_source | 1.0.11.1 | |
| asterisk | open_source | 1.0.12 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.1 | |
| asterisk | open_source | 1.2.2 | |
| asterisk | open_source | 1.2.3 | |
| asterisk | open_source | 1.2.3 | |
| asterisk | open_source | 1.2.4 | |
| asterisk | open_source | 1.2.4 | |
| asterisk | open_source | 1.2.5 | |
| asterisk | open_source | 1.2.5 | |
| asterisk | open_source | 1.2.6 | |
| asterisk | open_source | 1.2.6 | |
| asterisk | open_source | 1.2.7 | |
| asterisk | open_source | 1.2.7 | |
| asterisk | open_source | 1.2.7.1 | |
| asterisk | open_source | 1.2.7.1 | |
| asterisk | open_source | 1.2.8 | |
| asterisk | open_source | 1.2.8 | |
| asterisk | open_source | 1.2.9 | |
| asterisk | open_source | 1.2.9.1 | |
| asterisk | open_source | 1.2.9.1 | |
| asterisk | open_source | 1.2.10 | |
| asterisk | open_source | 1.2.10 | |
| asterisk | open_source | 1.2.11 | |
| asterisk | open_source | 1.2.11 | |
| asterisk | open_source | 1.2.12 | |
| asterisk | open_source | 1.2.12 | |
| asterisk | open_source | 1.2.12.1 | |
| asterisk | open_source | 1.2.13 | |
| asterisk | open_source | 1.2.13 | |
| asterisk | open_source | 1.2.14 | |
| asterisk | open_source | 1.2.14 | |
| asterisk | open_source | 1.2.15 | |
| asterisk | open_source | 1.2.15 | |
| asterisk | open_source | 1.2.16 | |
| asterisk | open_source | 1.2.16 | |
| asterisk | open_source | 1.2.17 | |
| asterisk | open_source | 1.2.17 | |
| asterisk | open_source | 1.2.18 | |
| asterisk | open_source | 1.2.18 | |
| asterisk | open_source | 1.2.19 | |
| asterisk | open_source | 1.2.19 | |
| asterisk | open_source | 1.2.20 | |
| asterisk | open_source | 1.2.20 | |
| asterisk | open_source | 1.2.21 | |
| asterisk | open_source | 1.2.21 | |
| asterisk | open_source | 1.2.21.1 | |
| asterisk | open_source | 1.2.21.1 | |
| asterisk | open_source | 1.2.22 | |
| asterisk | open_source | 1.2.22 | |
| asterisk | open_source | 1.2.23 | |
| asterisk | open_source | 1.2.23 | |
| asterisk | open_source | 1.2.24 | |
| asterisk | open_source | 1.2.24 | |
| asterisk | open_source | 1.2.25 | |
| asterisk | open_source | 1.2.25 | |
| asterisk | open_source | 1.2.26 | |
| asterisk | open_source | 1.2.26 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.2.27 | |
| asterisk | open_source | 1.2.28 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.1 | |
| asterisk | open_source | 1.4.2 | |
| asterisk | open_source | 1.4.3 | |
| asterisk | open_source | 1.4.4 | |
| asterisk | open_source | 1.4.5 | |
| asterisk | open_source | 1.4.6 | |
| asterisk | open_source | 1.4.7 | |
| asterisk | open_source | 1.4.7.1 | |
| asterisk | open_source | 1.4.8 | |
| asterisk | open_source | 1.4.9 | |
| asterisk | open_source | 1.4.10 | |
| asterisk | open_source | 1.4.10.1 | |
| asterisk | open_source | 1.4.11 | |
| asterisk | open_source | 1.4.12 | |
| asterisk | open_source | 1.4.12.1 | |
| asterisk | open_source | 1.4.13 | |
| asterisk | open_source | 1.4.14 | |
| asterisk | open_source | 1.4.15 | |
| asterisk | open_source | 1.4.16 | |
| asterisk | open_source | 1.4.16.1 | |
| asterisk | open_source | 1.4.16.2 | |
| asterisk | open_source | 1.4.17 | |
| asterisk | open_source | 1.4.18 | |
| asterisk | open_source | 1.4.18.1 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | s800i | * | |
| asterisk | s800i | 1.0 | |
| asterisk | s800i | 1.0.1 | |
| asterisk | s800i | 1.0.2 | |
| asterisk | s800i | 1.0.3 | |
| asterisk | s800i | 1.0.3.3 | |
| asterisk | s800i | 1.1.0 | |
| asterisk | s800i | 1.1.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2140AF01-7079-4433-AF28-45E767E59AD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C58BA442-8E36-492B-9700-B20B469190F4",
"versionEndIncluding": "b2.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "267F32ED-B9E4-4454-99C1-F445E52EE96F",
"versionEndIncluding": "c1.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:a:*:*:*:*:*:*:*",
"matchCriteriaId": "313B3A38-8DEA-4D62-A1A4-0B6011E81870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "802F8680-AB38-41AF-BFC8-F6927F6B1626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAE8D90-B032-4C60-B487-BE655D00FFAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB64A872-B7B8-46A8-81E4-49EDAC160531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "21000270-C9B9-430C-A252-763887A15835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12F7CF45-5482-4947-8F1D-48C746987475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B64995D-7892-49AB-A89D-A5D15615C5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0397DBD4-EA00-444A-9008-4932F99DF325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCD865F-BC39-4255-A797-6E5945773337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4956871-4DD3-4299-8BEB-9D98A4449A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.0-beta7:*:*:*:*:*:*:*",
"matchCriteriaId": "5BC80EBD-14D3-44A6-A06F-0549722E0EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.0-beta8:*:*:*:*:*:*:*",
"matchCriteriaId": "7859797F-E9AD-4429-BD2C-A24EC24A5D03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.0beta7:*:*:*:*:*:*:*",
"matchCriteriaId": "34FAE6AC-1C98-42E0-A5D4-5EA17ED325A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "00A6DAD0-D4C3-4A58-A35A-991E04B50EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "272DE03B-1470-45FF-A31B-2CE44A8E8378",
"versionEndIncluding": "1.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6FE17C-3B08-4675-9F73-5DC0C2438BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8AB81C-3DCF-42E9-8022-2F7135022C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "678DB154-4363-42FF-8B28-367923FC6595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F2C378-FF0E-4765-9F66-625C4064D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A55A9295-F632-4856-90A1-38371EB98589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7FAE6AF1-884D-41F7-B174-9E13C7719C99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA9E35B-9A6B-42F2-9315-9C7D09F62227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF7EC20-A424-45E5-B7E4-3CC86075858C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C790E105-55C8-4CDC-9FA8-E1FF6F130A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44C860EF-2B29-4995-B942-000CC43FDD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1ADB80EF-C724-44BA-88FC-24087799D0C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "78B39BE8-7E2D-42DF-8633-44CAD5662777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F39036E3-0027-4C72-9DEB-9A6E2B4512C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A037E6F9-3EF7-4EEB-AC16-081421BCE40D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7EC02A-9C9E-4589-BBB3-1908D3078A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6C70FA9C-6F3B-4BDF-97FB-81D06AB0EE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7971E1-F136-4ADC-95EC-BC4F92E838CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27202966-2C41-4964-9497-1887D2A834C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1471B5A2-15BE-4E7C-BA49-2E6002F7C8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7108D72F-5AFD-4EEF-B2A9-CA4FA792E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.3:netsec:*:*:*:*:*:*",
"matchCriteriaId": "DC7EB4CD-6436-4E0B-A620-9DF2AC8A3C66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "107DA2D8-FE7C-4B70-856D-43D58B988694",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.4:netsec:*:*:*:*:*:*",
"matchCriteriaId": "02D5E6DF-7C9C-479F-986B-D5C8A144ACB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD71DD9-8A15-45E2-9FB3-F0544D7E1B80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.5:netsec:*:*:*:*:*:*",
"matchCriteriaId": "68AF6200-1385-449F-A00E-2BACEE16450B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5C14614F-4E27-40A6-9E56-2B1DBB10330B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.6:netsec:*:*:*:*:*:*",
"matchCriteriaId": "61C0769F-6739-41D2-ADD8-924AC04C5F28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7A2F2F5A-66FD-4057-917C-66332A88D83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8EF13987-5767-4FED-9584-63D74B0A30A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "399B0206-B48B-46EF-8CA6-A6E5A2550B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "C57C1324-E11A-4B2B-9722-A4A63AEF0497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "26E9760F-C0EB-47BB-8DA4-CC7815099DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.8:netsec:*:*:*:*:*:*",
"matchCriteriaId": "EE6D9718-D57D-48F6-A2B1-CECAFFCDDFB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4C510A9A-C3E2-4AF8-9919-1A22E918CDEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD915CD-A7D3-4305-A6C0-290C648A226C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "3249AB40-2058-42E9-9A33-64E434E5BB64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9E79CCE5-C29B-4726-8D2F-BC20F70959BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:netsec:*:*:*:*:*:*",
"matchCriteriaId": "0CF6584D-A7BB-4BD5-8232-9293FEE4A971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F29C13DB-6F04-4B41-90A2-2408D70F3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:netsec:*:*:*:*:*:*",
"matchCriteriaId": "174D6B56-7D0F-46F0-849A-FD05CB348FAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4F734E-0E78-4957-B323-8E9FBA7FF15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:netsec:*:*:*:*:*:*",
"matchCriteriaId": "938F545A-F8A7-455E-8E5A-2B5454B6CE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4B117B-E945-4033-A79D-10DFAA3DF18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6D866F-8189-4FFD-AA24-47C0A015C246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:netsec:*:*:*:*:*:*",
"matchCriteriaId": "B2BAA1B3-7DD3-4248-915D-2BCC0ACFA2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EBFB79-C269-4132-BFAB-451F66CE8289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:netsec:*:*:*:*:*:*",
"matchCriteriaId": "21612C17-7368-4108-B55B-5AB5CA6733E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E1028E-2C07-4BA3-B891-FA853A87B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8A0D57D7-15AD-4CDF-A5A7-AB83F8E6154E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9E74F577-70BD-4FAF-BCFD-10CD21FC5601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:netsec:*:*:*:*:*:*",
"matchCriteriaId": "06DB25C8-4EA5-465F-8EFA-BCA8D40F1795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "57BB03E2-E61C-4A94-82DF-8720698CE271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:netsec:*:*:*:*:*:*",
"matchCriteriaId": "A149F8C2-3DA5-44B2-A288-3482F3975824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1B30A36F-5CE6-4246-8752-176FB5999C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:netsec:*:*:*:*:*:*",
"matchCriteriaId": "9462B320-B69D-409D-8DCC-D8D6CA1A757D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F76DFD-4DAC-4B02-8967-B242CDEEF6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:netsec:*:*:*:*:*:*",
"matchCriteriaId": "ECCCBAE9-8FD4-43F0-9EF8-56E9BBA3D8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6A59BC20-3217-4584-9196-D1CD9E0D6B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:netsec:*:*:*:*:*:*",
"matchCriteriaId": "BEA0014A-659B-4533-A393-6D4ADC80EB0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "56F728BA-FC9E-4EEE-9A08-C9C7433BD8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8F1621F9-7C84-4CF0-BBCD-CEAEE8683BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C64DF29-5B3D-401E-885E-8E37FD577254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "346C9F65-B5FB-4A75-8E1B-137112F270D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7BF52A-2FF8-40ED-B757-28A1101DE8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:netsec:*:*:*:*:*:*",
"matchCriteriaId": "7EFEE380-0C64-4413-AF3A-45ABC8833500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "7A321C2D-852B-4498-ADD6-79956410AB94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8CA18FC6-1480-400E-A885-8CDAE45AA7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5F0DCF-C6A2-4A09-90C9-D70F174FDEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:netsec:*:*:*:*:*:*",
"matchCriteriaId": "93741261-378B-4C02-8D68-0E5F39128375",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C820538E-14EC-43C1-80DB-6AAE4905EF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:netsec:*:*:*:*:*:*",
"matchCriteriaId": "07CF9DD6-B624-49F0-A8E4-7EBCE7932BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E9562112-2505-4F78-86DE-F30EFAEE47D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:netsec:*:*:*:*:*:*",
"matchCriteriaId": "9EEA1E9C-C1FB-4EFD-86EA-DCF78C57FC35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A6D8FD0-C8C1-4868-9AF1-96B1949C18AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "5E20FAF7-9031-478E-A89C-D6FB3B5FDE3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72A840B4-216B-4063-997F-791FBC8C8658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:netsec:*:*:*:*:*:*",
"matchCriteriaId": "72375576-F857-4585-A677-A326D89A65B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "BE47A547-26E7-48F9-B0A6-2F65E04A1EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E1AEB744-FCF2-4A41-8866-9D1D20E6C6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "967DF432-DEF4-4FA2-8C8D-19A7FB663A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "40850BF4-E252-4667-9B46-9B6FEF6E997D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "1BB01DD1-B29B-4210-88CC-9ADB3148A410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "5C0FA6A3-BFA9-4397-B75B-75C8357C36B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "295D4042-2D3C-481B-B969-2DDAC1161198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99E9EE2A-56AD-42BC-8CB0-D34091849B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96877A3E-B54B-4F31-B281-76CDC98B2D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D0B4503-42A6-4D88-954E-A662E91EC204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B73813-BCD8-429E-B9B9-D6665E026BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BBA3ECC-4F40-41CD-A6D7-BBD680DDBACC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9CBE2156-AF86-4C72-B33D-3FF83930F828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61408884-FBBF-4D94-A552-F99AB46DCED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4A527277-D97D-4B74-906F-7481BDBD96D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B57A32-7B83-4783-A244-C26301970444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "044FD0D0-FC92-4A01-B0D4-11A703EF21FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3477EC1A-9634-492C-B052-35770A9C9F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1C90F104-FA2C-4091-B149-1774AC982C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C9328768-7C08-4143-B5F8-F5C2D735D21A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C04E2B3-094B-4828-A2FC-BB66244A9F73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE3D31-4BB2-45A3-B085-8C91152A3152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0107D4-395E-45F1-B963-7618CCC007D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "53B8E11B-4984-45A8-A107-D276205988B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2495DB98-F923-4E60-86EC-2DBB7A98C90C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E186D125-996E-4900-A2B8-5CDC8B5D5136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27DC6CF7-4DF8-4472-A684-8CCB5E26FCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "88576385-EF03-408B-9775-B52E6AFFE48A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1A838577-2BA1-4792-8B69-6FB07FFD7727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEED3E1-13E0-46E6-8AAB-D24D2D04AE4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BFC1BB05-15C6-4829-86EB-5B1BFA4B5B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AB77E88B-7233-4979-914E-24E671C1FB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C4FF0F09-0268-480F-A2F3-6F8C3F323EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1CCF9CAE-674A-4833-9D5C-FCBD865BE9F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C01793-C5D3-4359-B332-A8A104832370",
"versionEndIncluding": "1.1.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C3A0A08-4107-4B8B-AE7E-DC23849A54DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9320928D-D83C-4258-AF62-AB2D1F50D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "569084D1-977D-41FC-A444-0B3F5199DDD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "02D182FB-761C-4F08-A776-B613FAC55230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C9046D49-6878-4571-8B9E-2FBD5BA80D19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B5EDAB-61DD-4864-A159-39292D339DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "101DFEFB-7627-4D36-AAA2-EDFB4D0E5AB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72630 and 1.4 before revision 65679, when configured to allow unauthenticated calls, sends \"early audio\" to an unverified source IP address of a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed NEW message."
},
{
"lang": "es",
"value": "El IAX2 channel driver (chan_iax2) en Asterisk 1.2 anterior a la revisi\u00f3n 72630 y 1.4 anterior a la revisi\u00f3n 65679, cuando est\u00e1 configurado para permitir llamadas sin autenticaci\u00f3n, env\u00eda \"early audio\" a una IP sin verificar de un mensaje NEW, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (amplificaci\u00f3n del tr\u00e1fico) a trav\u00e9s de un mensaje NEW falseado."
}
],
"id": "CVE-2008-1923",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-23T16:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.digium.com/view.php?id=10078"
},
{
"source": "cve@mitre.org",
"url": "http://downloads.digium.com/pub/security/AST-2008-006.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.altsci.com/concepts/page.php?s=asteri\u0026p=1"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.digium.com/view.php?id=10078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.digium.com/pub/security/AST-2008-006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.altsci.com/concepts/page.php?s=asteri\u0026p=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42049"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-24 17:44
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote attackers to (1) write a zero to an arbitrary memory location via a large RTP payload number, related to the ast_rtp_unset_m_type function in main/rtp.c; or (2) write certain integers to an arbitrary memory location via a large number of RTP payloads, related to the process_sdp function in channels/chan_sip.c.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.digium.com/pub/security/AST-2008-002.html | ||
| cve@mitre.org | http://labs.musecurity.com/advisories/MU-200803-01.txt | Exploit | |
| cve@mitre.org | http://secunia.com/advisories/29426 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29470 | ||
| cve@mitre.org | http://securityreason.com/securityalert/3763 | ||
| cve@mitre.org | http://securitytracker.com/id?1019628 | ||
| cve@mitre.org | http://www.asterisk.org/node/48466 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/489817/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/28308 | Exploit | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/0928 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/41302 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/41305 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.digium.com/pub/security/AST-2008-002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://labs.musecurity.com/advisories/MU-200803-01.txt | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29426 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29470 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/3763 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1019628 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.asterisk.org/node/48466 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/489817/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/28308 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0928 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/41302 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/41305 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | asterisk_appliance_developer_kit | 1.4 | |
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisknow | * | |
| asterisk | open_source | * | |
| asterisk | open_source | * | |
| asterisk | open_source | * | |
| asterisk | s800i | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7E2D0508-C418-48CE-BF83-39F893688D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A80C0F3-F3F0-4BC6-92F8-131F3F875E34",
"versionEndIncluding": "c.1.0-beta8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "526991C1-D07E-465C-A609-704C19F8096A",
"versionEndIncluding": "c.1.0beta7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7C58E6B-AECC-48AF-8059-61772690776A",
"versionEndIncluding": "1.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F13399-5084-40FA-A4AB-D78ED588E434",
"versionEndIncluding": "1.4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:rc-2:*:*:*:*:*:*",
"matchCriteriaId": "F4AB8D8F-15AC-4516-85A2-B5D2B5B3DF04",
"versionEndIncluding": "1.4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53B339C1-272B-4A7E-A342-8BBD9DC82826",
"versionEndIncluding": "1.6.0_beta5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1E04DC-AE6A-4536-8E45-36494E51B036",
"versionEndIncluding": "1.1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote attackers to (1) write a zero to an arbitrary memory location via a large RTP payload number, related to the ast_rtp_unset_m_type function in main/rtp.c; or (2) write certain integers to an arbitrary memory location via a large number of RTP payloads, related to the process_sdp function in channels/chan_sip.c."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en Asterisk Open Source 1.4.x antes de 1.4.18.1 y 1.4.19-rc3, Open Source 1.6.x antes de 1.6.0-beta6, Business Edition C.x.x antes de C.1.6.1, AsteriskNOW 1.0.x antes de 1.0.2, Appliance Developer Kit antes de 1.4 revisi\u00f3n 109386 y s800i 1.1.x antes de 1.1.0.2 permite a atacantes remotos (1) escribir un cero en una posici\u00f3n de memoria de su elecci\u00f3n a trav\u00e9s de un n\u00famero de carga \u00fatil (payload) RTP grande, relacionada con la funci\u00f3n ast_rtp_unset_m_type en main/rtp.c; o (2) escribir ciertos enteros en una posici\u00f3n de memoria de su elecci\u00f3n a trav\u00e9s de un n\u00famero grande de cargas \u00fatiles RTP, relacionadas con la funci\u00f3n process_sdp en channels/chan_sip.c."
}
],
"id": "CVE-2008-1289",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-24T17:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://downloads.digium.com/pub/security/AST-2008-002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://labs.musecurity.com/advisories/MU-200803-01.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29426"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29470"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3763"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019628"
},
{
"source": "cve@mitre.org",
"url": "http://www.asterisk.org/node/48466"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/489817/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/28308"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41302"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41305"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.digium.com/pub/security/AST-2008-002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://labs.musecurity.com/advisories/MU-200803-01.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.asterisk.org/node/48466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/489817/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/28308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-09-08 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
The IAX2 protocol implementation in Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and s800i 1.3.x before 1.3.0.3 allows remote attackers to cause a denial of service (call-number exhaustion) by initiating many IAX2 message exchanges, a related issue to CVE-2008-3263.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.asterisk.org/pub/security/AST-2009-006.html | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/36593 | Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1022819 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/506257/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/36275 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.asterisk.org/pub/security/AST-2009-006.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/36593 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1022819 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/506257/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/36275 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | asterisk | b.1.3.2 | |
| asterisk | asterisk | b.1.3.3 | |
| asterisk | asterisk | b.2.2.0 | |
| asterisk | asterisk | b.2.2.1 | |
| asterisk | asterisk | b.2.3.1 | |
| asterisk | asterisk | b.2.3.2 | |
| asterisk | asterisk | b.2.3.3 | |
| asterisk | asterisk | b.2.3.4 | |
| asterisk | asterisk | b.2.3.5 | |
| asterisk | asterisk | b.2.3.6 | |
| asterisk | asterisk | b.2.5.1 | |
| asterisk | asterisk | b.2.5.3 | |
| asterisk | asterisk | b.2.5.4 | |
| asterisk | asterisk | b.2.5.5 | |
| asterisk | asterisk | b.2.5.6 | |
| asterisk | asterisk | b.2.5.8 | |
| asterisk | asterisk | b.2.5.9 | |
| asterisk | asterisk | c.1.0_beta7 | |
| asterisk | asterisk | c.1.0_beta8 | |
| asterisk | asterisk | c.1.6 | |
| asterisk | asterisk | c.1.6.1 | |
| asterisk | asterisk | c.1.6.2 | |
| asterisk | asterisk | c.1.8.1 | |
| asterisk | asterisk | c.1.10.3 | |
| asterisk | asterisk | c.1.10.4 | |
| asterisk | asterisk | c.1.10.5 | |
| asterisk | asterisk | c.2.1.2.1 | |
| asterisk | asterisk | c.2.3 | |
| asterisk | asterisk | c.2.3.3 | |
| asterisk | asterisk | c.2.4.2 | |
| asterisk | asterisk | c.3.1.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.1 | |
| asterisk | open_source | 1.2.2 | |
| asterisk | open_source | 1.2.2 | |
| asterisk | open_source | 1.2.3 | |
| asterisk | open_source | 1.2.3 | |
| asterisk | open_source | 1.2.4 | |
| asterisk | open_source | 1.2.4 | |
| asterisk | open_source | 1.2.5 | |
| asterisk | open_source | 1.2.5 | |
| asterisk | open_source | 1.2.6 | |
| asterisk | open_source | 1.2.6 | |
| asterisk | open_source | 1.2.7 | |
| asterisk | open_source | 1.2.7 | |
| asterisk | open_source | 1.2.7.1 | |
| asterisk | open_source | 1.2.7.1 | |
| asterisk | open_source | 1.2.8 | |
| asterisk | open_source | 1.2.8 | |
| asterisk | open_source | 1.2.9 | |
| asterisk | open_source | 1.2.9.1 | |
| asterisk | open_source | 1.2.9.1 | |
| asterisk | open_source | 1.2.10 | |
| asterisk | open_source | 1.2.10 | |
| asterisk | open_source | 1.2.11 | |
| asterisk | open_source | 1.2.11 | |
| asterisk | open_source | 1.2.12 | |
| asterisk | open_source | 1.2.12 | |
| asterisk | open_source | 1.2.12.1 | |
| asterisk | open_source | 1.2.12.1 | |
| asterisk | open_source | 1.2.13 | |
| asterisk | open_source | 1.2.13 | |
| asterisk | open_source | 1.2.14 | |
| asterisk | open_source | 1.2.14 | |
| asterisk | open_source | 1.2.15 | |
| asterisk | open_source | 1.2.15 | |
| asterisk | open_source | 1.2.16 | |
| asterisk | open_source | 1.2.16 | |
| asterisk | open_source | 1.2.17 | |
| asterisk | open_source | 1.2.17 | |
| asterisk | open_source | 1.2.18 | |
| asterisk | open_source | 1.2.18 | |
| asterisk | open_source | 1.2.19 | |
| asterisk | open_source | 1.2.19 | |
| asterisk | open_source | 1.2.20 | |
| asterisk | open_source | 1.2.20 | |
| asterisk | open_source | 1.2.21 | |
| asterisk | open_source | 1.2.21 | |
| asterisk | open_source | 1.2.21.1 | |
| asterisk | open_source | 1.2.21.1 | |
| asterisk | open_source | 1.2.22 | |
| asterisk | open_source | 1.2.22 | |
| asterisk | open_source | 1.2.23 | |
| asterisk | open_source | 1.2.23 | |
| asterisk | open_source | 1.2.24 | |
| asterisk | open_source | 1.2.24 | |
| asterisk | open_source | 1.2.25 | |
| asterisk | open_source | 1.2.25 | |
| asterisk | open_source | 1.2.26 | |
| asterisk | open_source | 1.2.26 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.2.27 | |
| asterisk | open_source | 1.2.28 | |
| asterisk | open_source | 1.2.29 | |
| asterisk | open_source | 1.2.30 | |
| asterisk | open_source | 1.2.30.2 | |
| asterisk | open_source | 1.2.30.3 | |
| asterisk | open_source | 1.2.30.4 | |
| asterisk | open_source | 1.2.31 | |
| asterisk | open_source | 1.2.32 | |
| asterisk | open_source | 1.2.33 | |
| asterisk | open_source | 1.2.34 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.1 | |
| asterisk | open_source | 1.4.2 | |
| asterisk | open_source | 1.4.3 | |
| asterisk | open_source | 1.4.4 | |
| asterisk | open_source | 1.4.5 | |
| asterisk | open_source | 1.4.6 | |
| asterisk | open_source | 1.4.7 | |
| asterisk | open_source | 1.4.7.1 | |
| asterisk | open_source | 1.4.8 | |
| asterisk | open_source | 1.4.9 | |
| asterisk | open_source | 1.4.10 | |
| asterisk | open_source | 1.4.10.1 | |
| asterisk | open_source | 1.4.11 | |
| asterisk | open_source | 1.4.12 | |
| asterisk | open_source | 1.4.12.1 | |
| asterisk | open_source | 1.4.13 | |
| asterisk | open_source | 1.4.14 | |
| asterisk | open_source | 1.4.15 | |
| asterisk | open_source | 1.4.16 | |
| asterisk | open_source | 1.4.16.1 | |
| asterisk | open_source | 1.4.16.2 | |
| asterisk | open_source | 1.4.17 | |
| asterisk | open_source | 1.4.18 | |
| asterisk | open_source | 1.4.18.1 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19.1 | |
| asterisk | open_source | 1.4.19.2 | |
| asterisk | open_source | 1.4.20 | |
| asterisk | open_source | 1.4.20 | |
| asterisk | open_source | 1.4.20 | |
| asterisk | open_source | 1.4.20 | |
| asterisk | open_source | 1.4.21 | |
| asterisk | open_source | 1.4.21 | |
| asterisk | open_source | 1.4.21 | |
| asterisk | open_source | 1.4.21.1 | |
| asterisk | open_source | 1.4.21.2 | |
| asterisk | open_source | 1.4.22 | |
| asterisk | open_source | 1.4.22 | |
| asterisk | open_source | 1.4.22 | |
| asterisk | open_source | 1.4.22.1 | |
| asterisk | open_source | 1.4.22.2 | |
| asterisk | open_source | 1.4.23 | |
| asterisk | open_source | 1.4.23 | |
| asterisk | open_source | 1.4.23 | |
| asterisk | open_source | 1.4.23 | |
| asterisk | open_source | 1.4beta | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0 | |
| asterisk | open_source | 1.6.0.1 | |
| asterisk | open_source | 1.6.0.2 | |
| asterisk | open_source | 1.6.0.3 | |
| asterisk | open_source | 1.6.0.3 | |
| asterisk | open_source | 1.6.1.0 | |
| asterisk | open_source | 1.6.1.0 | |
| asterisk | open_source | 1.6.1.5 | |
| asterisk | opensource | 1.4.23.2 | |
| asterisk | opensource | 1.4.24 | |
| asterisk | opensource | 1.4.24.1 | |
| asterisk | opensource | 1.4.26 | |
| asterisk | opensource | 1.4.26.1 | |
| sangoma | asterisk | 1.6.1 | |
| sangoma | asterisk | 1.6.1.4 | |
| asterisk | appliance_s800i | 1.3 | |
| asterisk | appliance_s800i | 1.3.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.1.3.2:*:business:*:*:*:*:*",
"matchCriteriaId": "524CF00B-1B36-4C1F-80B4-28349891669B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.1.3.3:*:business:*:*:*:*:*",
"matchCriteriaId": "2942FA48-42CE-4E67-A5BF-7852652EDE28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.2.0:*:business:*:*:*:*:*",
"matchCriteriaId": "4160A834-9194-474C-819B-60627E470D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.2.1:*:business:*:*:*:*:*",
"matchCriteriaId": "D81F6E55-80F1-4770-9FF0-305EEEF3C4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.3.1:*:business:*:*:*:*:*",
"matchCriteriaId": "087DC9EC-0DF2-48AE-BB62-8DDF95C3EC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.3.2:*:business:*:*:*:*:*",
"matchCriteriaId": "471032A5-5EB6-44D1-91C8-BEA42C1E205A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.3.3:*:business:*:*:*:*:*",
"matchCriteriaId": "6FEB3FCA-065E-4C32-A4C7-F2C79F214F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.3.4:*:business:*:*:*:*:*",
"matchCriteriaId": "636D765F-C47B-4762-9419-D7B51FA38AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.3.5:*:business:*:*:*:*:*",
"matchCriteriaId": "36F29EE8-E05F-4F0A-B0FA-66C551856C3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.3.6:*:business:*:*:*:*:*",
"matchCriteriaId": "CEAA72FE-E13C-4363-AF5C-7D1CEEE2FA77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.5.1:*:business:*:*:*:*:*",
"matchCriteriaId": "3BAD5B3E-80FC-4B23-BD51-41D17BFA9C71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.5.3:*:business:*:*:*:*:*",
"matchCriteriaId": "0B09EFBF-B8AD-455F-8F47-7C8F52371214",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.5.4:*:business:*:*:*:*:*",
"matchCriteriaId": "4CF18A17-E16D-4529-9705-6E2333C89CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.5.5:*:business:*:*:*:*:*",
"matchCriteriaId": "1ED6AC46-E485-4D0A-BFC1-3DEED113B9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.5.6:*:business:*:*:*:*:*",
"matchCriteriaId": "25A4B8D6-373F-442B-978A-61E53EEA9870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.5.8:*:business:*:*:*:*:*",
"matchCriteriaId": "30D7485F-109D-46B9-8E6E-52E963080BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.5.9:*:business:*:*:*:*:*",
"matchCriteriaId": "D5C22240-282C-4B10-8CAE-CC07E5784C3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.0_beta7:*:business:*:*:*:*:*",
"matchCriteriaId": "D0A87D63-35F5-47D7-893B-E8B179B16C3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.0_beta8:*:business:*:*:*:*:*",
"matchCriteriaId": "95C1809E-9031-483F-B873-160284FA71D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.6:*:business:*:*:*:*:*",
"matchCriteriaId": "E35C336A-A786-476B-8B9F-E682D999B6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.6.1:*:business:*:*:*:*:*",
"matchCriteriaId": "8121721B-EBC6-44EA-86D6-7B0FF1C8FF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.6.2:*:business:*:*:*:*:*",
"matchCriteriaId": "1E76B3DD-5C38-4323-9F24-9327CC4E6FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.8.1:*:business:*:*:*:*:*",
"matchCriteriaId": "EB75A0FE-9D22-4DDB-909C-C87036328499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.10.3:*:business:*:*:*:*:*",
"matchCriteriaId": "75003D80-231D-4AC4-8346-4D4E4C8643E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.10.4:*:business:*:*:*:*:*",
"matchCriteriaId": "A04E037D-7F3F-4387-818D-1D618885AAF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.10.5:*:business:*:*:*:*:*",
"matchCriteriaId": "2CACA83A-4D1E-458D-BA30-3C138FB848E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.2.1.2.1:*:business:*:*:*:*:*",
"matchCriteriaId": "32D447AB-DAF1-4F70-8686-156C0ACDAE4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.2.3:*:business:*:*:*:*:*",
"matchCriteriaId": "6A958EDA-6FB8-447B-B190-8802C9DC9D3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.2.3.3:*:business:*:*:*:*:*",
"matchCriteriaId": "30FDE355-2209-46D4-A4E9-4DF7B128014F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.2.4.2:*:business:*:*:*:*:*",
"matchCriteriaId": "9CCDC56D-22F0-4617-A2FE-A23889F9C9AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.3.1.0:*:business:*:*:*:*:*",
"matchCriteriaId": "E6B4EC4D-957C-4A93-B65C-10114845A226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7971E1-F136-4ADC-95EC-BC4F92E838CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E62D108C-862D-4BDB-BE37-285AA4C9C59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "CF1422F3-829D-498C-83A6-02989DFB70A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CBEB9D69-A404-4053-92F9-CAC3481AFF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E816CCDB-4169-4F09-AE87-E467F4BE7685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27202966-2C41-4964-9497-1887D2A834C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1471B5A2-15BE-4E7C-BA49-2E6002F7C8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.2:netsec:*:*:*:*:*:*",
"matchCriteriaId": "65223182-1675-462C-AF67-4A48760A63F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7108D72F-5AFD-4EEF-B2A9-CA4FA792E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.3:netsec:*:*:*:*:*:*",
"matchCriteriaId": "DC7EB4CD-6436-4E0B-A620-9DF2AC8A3C66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "107DA2D8-FE7C-4B70-856D-43D58B988694",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.4:netsec:*:*:*:*:*:*",
"matchCriteriaId": "02D5E6DF-7C9C-479F-986B-D5C8A144ACB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD71DD9-8A15-45E2-9FB3-F0544D7E1B80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.5:netsec:*:*:*:*:*:*",
"matchCriteriaId": "68AF6200-1385-449F-A00E-2BACEE16450B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5C14614F-4E27-40A6-9E56-2B1DBB10330B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.6:netsec:*:*:*:*:*:*",
"matchCriteriaId": "61C0769F-6739-41D2-ADD8-924AC04C5F28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7A2F2F5A-66FD-4057-917C-66332A88D83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8EF13987-5767-4FED-9584-63D74B0A30A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "399B0206-B48B-46EF-8CA6-A6E5A2550B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "C57C1324-E11A-4B2B-9722-A4A63AEF0497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "26E9760F-C0EB-47BB-8DA4-CC7815099DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.8:netsec:*:*:*:*:*:*",
"matchCriteriaId": "EE6D9718-D57D-48F6-A2B1-CECAFFCDDFB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4C510A9A-C3E2-4AF8-9919-1A22E918CDEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD915CD-A7D3-4305-A6C0-290C648A226C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "3249AB40-2058-42E9-9A33-64E434E5BB64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9E79CCE5-C29B-4726-8D2F-BC20F70959BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:netsec:*:*:*:*:*:*",
"matchCriteriaId": "0CF6584D-A7BB-4BD5-8232-9293FEE4A971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F29C13DB-6F04-4B41-90A2-2408D70F3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:netsec:*:*:*:*:*:*",
"matchCriteriaId": "174D6B56-7D0F-46F0-849A-FD05CB348FAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4F734E-0E78-4957-B323-8E9FBA7FF15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:netsec:*:*:*:*:*:*",
"matchCriteriaId": "938F545A-F8A7-455E-8E5A-2B5454B6CE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4B117B-E945-4033-A79D-10DFAA3DF18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "E7C0897A-C841-4AAB-A6B3-1FCF7A99A60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6D866F-8189-4FFD-AA24-47C0A015C246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:netsec:*:*:*:*:*:*",
"matchCriteriaId": "B2BAA1B3-7DD3-4248-915D-2BCC0ACFA2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EBFB79-C269-4132-BFAB-451F66CE8289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:netsec:*:*:*:*:*:*",
"matchCriteriaId": "21612C17-7368-4108-B55B-5AB5CA6733E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E1028E-2C07-4BA3-B891-FA853A87B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8A0D57D7-15AD-4CDF-A5A7-AB83F8E6154E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9E74F577-70BD-4FAF-BCFD-10CD21FC5601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:netsec:*:*:*:*:*:*",
"matchCriteriaId": "06DB25C8-4EA5-465F-8EFA-BCA8D40F1795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "57BB03E2-E61C-4A94-82DF-8720698CE271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:netsec:*:*:*:*:*:*",
"matchCriteriaId": "A149F8C2-3DA5-44B2-A288-3482F3975824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1B30A36F-5CE6-4246-8752-176FB5999C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:netsec:*:*:*:*:*:*",
"matchCriteriaId": "9462B320-B69D-409D-8DCC-D8D6CA1A757D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F76DFD-4DAC-4B02-8967-B242CDEEF6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:netsec:*:*:*:*:*:*",
"matchCriteriaId": "ECCCBAE9-8FD4-43F0-9EF8-56E9BBA3D8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6A59BC20-3217-4584-9196-D1CD9E0D6B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:netsec:*:*:*:*:*:*",
"matchCriteriaId": "BEA0014A-659B-4533-A393-6D4ADC80EB0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "56F728BA-FC9E-4EEE-9A08-C9C7433BD8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8F1621F9-7C84-4CF0-BBCD-CEAEE8683BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C64DF29-5B3D-401E-885E-8E37FD577254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "346C9F65-B5FB-4A75-8E1B-137112F270D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7BF52A-2FF8-40ED-B757-28A1101DE8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:netsec:*:*:*:*:*:*",
"matchCriteriaId": "7EFEE380-0C64-4413-AF3A-45ABC8833500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "7A321C2D-852B-4498-ADD6-79956410AB94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8CA18FC6-1480-400E-A885-8CDAE45AA7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5F0DCF-C6A2-4A09-90C9-D70F174FDEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:netsec:*:*:*:*:*:*",
"matchCriteriaId": "93741261-378B-4C02-8D68-0E5F39128375",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C820538E-14EC-43C1-80DB-6AAE4905EF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:netsec:*:*:*:*:*:*",
"matchCriteriaId": "07CF9DD6-B624-49F0-A8E4-7EBCE7932BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E9562112-2505-4F78-86DE-F30EFAEE47D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:netsec:*:*:*:*:*:*",
"matchCriteriaId": "9EEA1E9C-C1FB-4EFD-86EA-DCF78C57FC35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A6D8FD0-C8C1-4868-9AF1-96B1949C18AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "5E20FAF7-9031-478E-A89C-D6FB3B5FDE3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72A840B4-216B-4063-997F-791FBC8C8658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:netsec:*:*:*:*:*:*",
"matchCriteriaId": "72375576-F857-4585-A677-A326D89A65B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "BE47A547-26E7-48F9-B0A6-2F65E04A1EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E1AEB744-FCF2-4A41-8866-9D1D20E6C6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.29:*:*:*:*:*:*:*",
"matchCriteriaId": "51E5EB34-30AD-4E81-8BD4-4AB905E52B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "4359322B-08D0-4710-A9C3-54BD4A17B800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30.2:*:*:*:*:*:*:*",
"matchCriteriaId": "78F84DF4-DBA7-430C-AF17-F52024EF80D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30.3:*:*:*:*:*:*:*",
"matchCriteriaId": "34266614-3588-485C-A609-37823F8499AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DD299B8E-D912-4B67-85C3-79CFF4C4F3E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "9890504F-AA2E-44E9-8510-BFFD75FD6D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "38CF30B7-832F-40D4-8DA2-47B55BAC78B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "2072ADDC-C105-49CD-929A-011C8B9C6CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "A16BE0C5-4569-4F62-AC58-4B4D5B60D935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "967DF432-DEF4-4FA2-8C8D-19A7FB663A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "40850BF4-E252-4667-9B46-9B6FEF6E997D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "1BB01DD1-B29B-4210-88CC-9ADB3148A410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "5C0FA6A3-BFA9-4397-B75B-75C8357C36B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "295D4042-2D3C-481B-B969-2DDAC1161198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99E9EE2A-56AD-42BC-8CB0-D34091849B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96877A3E-B54B-4F31-B281-76CDC98B2D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D0B4503-42A6-4D88-954E-A662E91EC204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B73813-BCD8-429E-B9B9-D6665E026BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BBA3ECC-4F40-41CD-A6D7-BBD680DDBACC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9CBE2156-AF86-4C72-B33D-3FF83930F828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61408884-FBBF-4D94-A552-F99AB46DCED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4A527277-D97D-4B74-906F-7481BDBD96D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B57A32-7B83-4783-A244-C26301970444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "044FD0D0-FC92-4A01-B0D4-11A703EF21FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3477EC1A-9634-492C-B052-35770A9C9F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1C90F104-FA2C-4091-B149-1774AC982C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C9328768-7C08-4143-B5F8-F5C2D735D21A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C04E2B3-094B-4828-A2FC-BB66244A9F73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE3D31-4BB2-45A3-B085-8C91152A3152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0107D4-395E-45F1-B963-7618CCC007D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "53B8E11B-4984-45A8-A107-D276205988B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2495DB98-F923-4E60-86EC-2DBB7A98C90C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E186D125-996E-4900-A2B8-5CDC8B5D5136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27DC6CF7-4DF8-4472-A684-8CCB5E26FCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "88576385-EF03-408B-9775-B52E6AFFE48A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1A838577-2BA1-4792-8B69-6FB07FFD7727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEED3E1-13E0-46E6-8AAB-D24D2D04AE4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "ED2BF36F-CF10-4F24-970B-3D0BB7561C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc-2:*:*:*:*:*:*",
"matchCriteriaId": "D35DD57B-EF77-4C5F-9B44-DAF5E0560E22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BFC1BB05-15C6-4829-86EB-5B1BFA4B5B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AB77E88B-7233-4979-914E-24E671C1FB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C4FF0F09-0268-480F-A2F3-6F8C3F323EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1CCF9CAE-674A-4833-9D5C-FCBD865BE9F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1593E1-BF21-4DB9-A18E-9F221F3F9022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC8E9FE3-FA25-4054-876E-4A3CE6E71AFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "4BBAEADC-D1DE-46EF-808C-2F6D2A74D988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "AEF8EB4B-2947-4BD3-ADF3-345AEFE85B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E4476FB3-A759-49F5-ABDE-6D2A321B61BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DFC109C3-2F52-48BE-B07E-3D65F31C1012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "E54101A9-3967-4111-8A03-DA1BB23141BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D8B00600-1D45-41F7-9A10-97FB39012FDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "D8CB2331-0F95-45E0-AF5B-0B9C74C5BA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4ADB6A7-76AC-4AE3-B1AA-9F8DFA635418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "776BC35C-CF37-4F4E-9FD5-EC351D4C2C2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F10DAABC-FF06-44FB-98EC-B6AD17C03FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.22:rc3:*:*:*:*:*:*",
"matchCriteriaId": "ACA8AFD5-4C7C-4876-93CA-C5B3E881C455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.22:rc4:*:*:*:*:*:*",
"matchCriteriaId": "547EEB2B-2ECA-4B00-83BB-CFAA11BE0145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.22.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83829E0F-C24B-4BD6-88EA-98898A9AD86E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4C19141-823E-4057-A699-FD1DFF92DF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE7FE41-E749-49B8-99DF-19F9E7C4827A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4E78234B-39B6-4DB4-A10F-AA55F174D4F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.23:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3984CF42-2431-4661-B333-C6721DF7123A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.23:rc3:*:*:*:*:*:*",
"matchCriteriaId": "303CBFC2-22C1-47CE-A26C-A99B05763374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4beta:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8012CE-4D4B-4131-87E7-16D7907E3BB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D4F88914-6097-4AF1-8337-DCF062EB88AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "8BDB49DC-5344-451E-B8D6-D02C3431CE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "B1FDA8D3-5082-479B-BA0A-F1E83D750B5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7305910F-42BA-44CE-A7AC-B6F74200B68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "B93EB4D6-3375-44BC-870F-714A3BC00C2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "52F60D6E-64EB-4223-8A79-595693B444C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta7.1:*:*:*:*:*:*",
"matchCriteriaId": "37CF29B9-4397-4298-9326-0443E666CDC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "7D85DA34-A977-4A82-8E79-7BFE064DE9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta9:*:*:*:*:*:*",
"matchCriteriaId": "1476EF7B-A6F8-4B10-AF0F-986EA6BA3116",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "98E222F0-4CAA-4247-A00D-C6CEC2E55198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "63744245-6126-47F6-B9F5-E936538140C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "C8805BEE-A4CF-45C2-B948-F1E8EF0A0886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E474C33-B42A-4BB8-AC57-8A9071316240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B83B3132-7D78-4AC3-B83A-A6A20AA28993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0147FCED-AE75-4945-B76E-33F2AA764B9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.0.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9C976AB0-2D1A-40CA-AEC3-E271B59B6960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "785205F3-88C1-4F63-B091-4920AF1C892D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "879A19B4-C037-407C-AC3F-76D6095E950C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FF16907E-5B0A-4312-AB20-0020A6EDFDE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:opensource:1.4.23.2:*:*:*:*:*:*:*",
"matchCriteriaId": "876044E9-1B51-4877-A92F-63502D17E28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:opensource:1.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF0F165-E75F-4990-8369-5FD275E453AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:opensource:1.4.24.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A194CAD2-A056-4664-B24A-0424F69BA1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:opensource:1.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "017F1C0D-0469-412A-99B0-70BF8195B148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:opensource:1.4.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "23D0BE8E-1D28-4402-851E-C900E8609898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:asterisk:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "15A0A1ED-5EDB-4D7B-9514-FD92BA00F940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:asterisk:1.6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "56DFDEB7-5220-4501-8499-9114727CD29A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:asterisk:appliance_s800i:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27F70E5D-58B9-451D-96E9-CE788B5EEF9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:asterisk:appliance_s800i:1.3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B08893AA-F51D-44CA-97C1-8E7E5A7A7F54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IAX2 protocol implementation in Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and s800i 1.3.x before 1.3.0.3 allows remote attackers to cause a denial of service (call-number exhaustion) by initiating many IAX2 message exchanges, a related issue to CVE-2008-3263."
},
{
"lang": "es",
"value": "La implementaci\u00f3n del protocolo IAX2 en Asterisk Open Source v1.2.x antes de v1.2.35, v1.4.x antes de v1.4.26.2, v1.6.0.x antes de v1.6.0.15, v1.6.1.x antes de v1.6.1.x; Business Edition vB.x.x antes de que vB.2.5.10, vC.2.x antes vC.2.4.3 y vC.3.x antes de C.3.1.1; y S800i v1.3.x antes de v1.3.0.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio iniciando muchos intercambios de mensajes IAX2. Se trata de una aunto relacionado con la CVE-2008-3263."
}
],
"id": "CVE-2009-2346",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-09-08T18:30:00.203",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2009-006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36593"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1022819"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/506257/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36275"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2009-006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1022819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/506257/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36275"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-06-04 19:32
Modified
2025-04-09 00:30
Severity ?
Summary
Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing (aka pedanticsipchecking) is enabled, allows remote attackers to cause a denial of service (daemon crash) via a SIP INVITE message that lacks a From header, related to invocations of the ast_uri_decode function, and improper handling of (1) an empty const string and (2) a NULL pointer.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.digium.com/view.php?id=12607 | ||
| cve@mitre.org | http://downloads.digium.com/pub/security/AST-2008-008.html | ||
| cve@mitre.org | http://secunia.com/advisories/30517 | ||
| cve@mitre.org | http://secunia.com/advisories/34982 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200905-01.xml | ||
| cve@mitre.org | http://svn.digium.com/view/asterisk?view=rev&revision=120109 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/493020/100/0/threaded | ||
| cve@mitre.org | http://www.securitytracker.com/id?1020166 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/1731 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/42823 | ||
| cve@mitre.org | https://www.exploit-db.com/exploits/5749 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.digium.com/view.php?id=12607 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.digium.com/pub/security/AST-2008-008.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30517 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34982 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200905-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://svn.digium.com/view/asterisk?view=rev&revision=120109 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/493020/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1020166 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1731 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/42823 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/5749 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisk_business_edition | b.1.3.2 | |
| asterisk | asterisk_business_edition | b.1.3.3 | |
| asterisk | asterisk_business_edition | b.2.2.0 | |
| asterisk | asterisk_business_edition | b.2.2.1 | |
| asterisk | asterisk_business_edition | b.2.3.1 | |
| asterisk | asterisk_business_edition | b.2.3.2 | |
| asterisk | asterisk_business_edition | b.2.3.3 | |
| asterisk | asterisk_business_edition | b.2.3.4 | |
| asterisk | asterisk_business_edition | b.2.5.0 | |
| asterisk | asterisk_business_edition | b2.5.1 | |
| asterisk | open_source | * | |
| asterisk | open_source | 1.0 | |
| asterisk | open_source | 1.0.0 | |
| asterisk | open_source | 1.0.1 | |
| asterisk | open_source | 1.0.2 | |
| asterisk | open_source | 1.0.3 | |
| asterisk | open_source | 1.0.4 | |
| asterisk | open_source | 1.0.5 | |
| asterisk | open_source | 1.0.6 | |
| asterisk | open_source | 1.0.7 | |
| asterisk | open_source | 1.0.8 | |
| asterisk | open_source | 1.0.9 | |
| asterisk | open_source | 1.0.11 | |
| asterisk | open_source | 1.0.11.1 | |
| asterisk | open_source | 1.0.12 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0beta1 | |
| asterisk | open_source | 1.2.0beta2 | |
| asterisk | open_source | 1.2.1 | |
| asterisk | open_source | 1.2.2 | |
| asterisk | open_source | 1.2.10 | |
| asterisk | open_source | 1.2.11 | |
| asterisk | open_source | 1.2.12 | |
| asterisk | open_source | 1.2.12.1 | |
| asterisk | open_source | 1.2.13 | |
| asterisk | open_source | 1.2.14 | |
| asterisk | open_source | 1.2.15 | |
| asterisk | open_source | 1.2.16 | |
| asterisk | open_source | 1.2.17 | |
| asterisk | open_source | 1.2.18 | |
| asterisk | open_source | 1.2.19 | |
| asterisk | open_source | 1.2.20 | |
| asterisk | open_source | 1.2.21 | |
| asterisk | open_source | 1.2.21.1 | |
| asterisk | open_source | 1.2.22 | |
| asterisk | open_source | 1.2.23 | |
| asterisk | open_source | 1.2.24 | |
| asterisk | open_source | 1.2.25 | |
| asterisk | open_source | 1.2.26 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.2.27 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "366DB62C-2E86-4614-AD9D-90C2F21434CB",
"versionEndIncluding": "b2.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "802F8680-AB38-41AF-BFC8-F6927F6B1626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAE8D90-B032-4C60-B487-BE655D00FFAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB64A872-B7B8-46A8-81E4-49EDAC160531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "21000270-C9B9-430C-A252-763887A15835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12F7CF45-5482-4947-8F1D-48C746987475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B64995D-7892-49AB-A89D-A5D15615C5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0397DBD4-EA00-444A-9008-4932F99DF325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCD865F-BC39-4255-A797-6E5945773337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4956871-4DD3-4299-8BEB-9D98A4449A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8936B494-E647-498B-8380-AE4DAD458533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF7D9C2-C6B3-40E9-92B8-C504656BB176",
"versionEndIncluding": "1.2.28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "678DB154-4363-42FF-8B28-367923FC6595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F2C378-FF0E-4765-9F66-625C4064D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A55A9295-F632-4856-90A1-38371EB98589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7FAE6AF1-884D-41F7-B174-9E13C7719C99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA9E35B-9A6B-42F2-9315-9C7D09F62227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF7EC20-A424-45E5-B7E4-3CC86075858C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C790E105-55C8-4CDC-9FA8-E1FF6F130A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44C860EF-2B29-4995-B942-000CC43FDD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1ADB80EF-C724-44BA-88FC-24087799D0C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "78B39BE8-7E2D-42DF-8633-44CAD5662777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F39036E3-0027-4C72-9DEB-9A6E2B4512C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A037E6F9-3EF7-4EEB-AC16-081421BCE40D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7EC02A-9C9E-4589-BBB3-1908D3078A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6C70FA9C-6F3B-4BDF-97FB-81D06AB0EE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7971E1-F136-4ADC-95EC-BC4F92E838CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "7435F043-F92B-4635-93CC-A2C39AAE1BCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B2F43B-8B69-4BF6-86B7-A225175FF068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27202966-2C41-4964-9497-1887D2A834C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1471B5A2-15BE-4E7C-BA49-2E6002F7C8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9E79CCE5-C29B-4726-8D2F-BC20F70959BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F29C13DB-6F04-4B41-90A2-2408D70F3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4F734E-0E78-4957-B323-8E9FBA7FF15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4B117B-E945-4033-A79D-10DFAA3DF18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6D866F-8189-4FFD-AA24-47C0A015C246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EBFB79-C269-4132-BFAB-451F66CE8289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E1028E-2C07-4BA3-B891-FA853A87B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9E74F577-70BD-4FAF-BCFD-10CD21FC5601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "57BB03E2-E61C-4A94-82DF-8720698CE271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1B30A36F-5CE6-4246-8752-176FB5999C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F76DFD-4DAC-4B02-8967-B242CDEEF6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6A59BC20-3217-4584-9196-D1CD9E0D6B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "56F728BA-FC9E-4EEE-9A08-C9C7433BD8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C64DF29-5B3D-401E-885E-8E37FD577254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7BF52A-2FF8-40ED-B757-28A1101DE8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "7A321C2D-852B-4498-ADD6-79956410AB94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5F0DCF-C6A2-4A09-90C9-D70F174FDEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C820538E-14EC-43C1-80DB-6AAE4905EF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E9562112-2505-4F78-86DE-F30EFAEE47D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A6D8FD0-C8C1-4868-9AF1-96B1949C18AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72A840B4-216B-4063-997F-791FBC8C8658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "BE47A547-26E7-48F9-B0A6-2F65E04A1EDE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing (aka pedanticsipchecking) is enabled, allows remote attackers to cause a denial of service (daemon crash) via a SIP INVITE message that lacks a From header, related to invocations of the ast_uri_decode function, and improper handling of (1) an empty const string and (2) a NULL pointer."
},
{
"lang": "es",
"value": "Asterisk Open Source 1.0.x y 1.2.x anterior 1.2.29 y Business Edition A.x.x y B.x.x anterior B.2.5.3, cuando \"pedantic parsing\" (tambi\u00e9n conocido como pedanticsipchecking) est\u00e1 activado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de demonio) a trav\u00e9s de un mensaje SIP INVITE que carece de una cabecera From, relacionado con la invocaci\u00f3n de la funci\u00f3n ast_uri_decode y el manejo incorrecto de (1) una cadena const vac\u00eda y (2) un puntero NULL."
}
],
"id": "CVE-2008-2119",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-06-04T19:32:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.digium.com/view.php?id=12607"
},
{
"source": "cve@mitre.org",
"url": "http://downloads.digium.com/pub/security/AST-2008-008.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30517"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34982"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"source": "cve@mitre.org",
"url": "http://svn.digium.com/view/asterisk?view=rev\u0026revision=120109"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/493020/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020166"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1731"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42823"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/5749"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.digium.com/view.php?id=12607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.digium.com/pub/security/AST-2008-008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.digium.com/view/asterisk?view=rev\u0026revision=120109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/493020/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020166"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/5749"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-12-20 02:46
Modified
2025-04-09 00:30
Severity ?
Summary
Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations ("realtime") and host-based authentication, does not check the IP address when the username is correct and there is no password, which allows remote attackers to bypass authentication using a valid username.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.digium.com/pub/security/AST-2007-027.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html | ||
| cve@mitre.org | http://secunia.com/advisories/28149 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29242 | ||
| cve@mitre.org | http://secunia.com/advisories/29456 | ||
| cve@mitre.org | http://secunia.com/advisories/29782 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200804-13.xml | ||
| cve@mitre.org | http://securityreason.com/securityalert/3467 | ||
| cve@mitre.org | http://www.debian.org/security/2008/dsa-1525 | ||
| cve@mitre.org | http://www.osvdb.org/39519 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/485287/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/26928 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1019110 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/4260 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/39124 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.digium.com/pub/security/AST-2007-027.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28149 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29242 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29456 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29782 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200804-13.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/3467 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1525 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/39519 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/485287/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/26928 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1019110 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/4260 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/39124 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | asterisk_business_edition | b.1.3.2 | |
| asterisk | asterisk_business_edition | b.1.3.3 | |
| asterisk | asterisk_business_edition | b.2.2.0 | |
| asterisk | asterisk_business_edition | b.2.2.1 | |
| asterisk | asterisk_business_edition | b.2.3.1 | |
| asterisk | asterisk_business_edition | b.2.3.2 | |
| asterisk | asterisk_business_edition | b.2.3.3 | |
| asterisk | asterisk_business_edition | b.2.3.4 | |
| asterisk | asterisk_business_edition | c.1.0beta7 | |
| asterisk | open_source | 1.2.0beta1 | |
| asterisk | open_source | 1.2.0beta2 | |
| asterisk | open_source | 1.2.5 | |
| asterisk | open_source | 1.2.6 | |
| asterisk | open_source | 1.2.7 | |
| asterisk | open_source | 1.2.8 | |
| asterisk | open_source | 1.2.9 | |
| asterisk | open_source | 1.2.10 | |
| asterisk | open_source | 1.2.11 | |
| asterisk | open_source | 1.2.13 | |
| asterisk | open_source | 1.2.14 | |
| asterisk | open_source | 1.2.15 | |
| asterisk | open_source | 1.2.16 | |
| asterisk | open_source | 1.2.17 | |
| asterisk | open_source | 1.2.18 | |
| asterisk | open_source | 1.2.19 | |
| asterisk | open_source | 1.2.21 | |
| asterisk | open_source | 1.2.22 | |
| asterisk | open_source | 1.2.23 | |
| asterisk | open_source | 1.2.24 | |
| asterisk | open_source | 1.2.25 | |
| asterisk | open_source | 1.4.1 | |
| asterisk | open_source | 1.4.2 | |
| asterisk | open_source | 1.4.3 | |
| asterisk | open_source | 1.4.4 | |
| asterisk | open_source | 1.4.5 | |
| asterisk | open_source | 1.4.6 | |
| asterisk | open_source | 1.4.7 | |
| asterisk | open_source | 1.4.8 | |
| asterisk | open_source | 1.4.9 | |
| asterisk | open_source | 1.4.10 | |
| asterisk | open_source | 1.4.11 | |
| asterisk | open_source | 1.4.12 | |
| asterisk | open_source | 1.4.13 | |
| asterisk | open_source | 1.4.14 | |
| asterisk | open_source | 1.4.15 | |
| asterisk | open_source | 1.4beta |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "802F8680-AB38-41AF-BFC8-F6927F6B1626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAE8D90-B032-4C60-B487-BE655D00FFAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB64A872-B7B8-46A8-81E4-49EDAC160531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "21000270-C9B9-430C-A252-763887A15835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12F7CF45-5482-4947-8F1D-48C746987475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B64995D-7892-49AB-A89D-A5D15615C5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0397DBD4-EA00-444A-9008-4932F99DF325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCD865F-BC39-4255-A797-6E5945773337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.0beta7:*:*:*:*:*:*:*",
"matchCriteriaId": "34FAE6AC-1C98-42E0-A5D4-5EA17ED325A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "7435F043-F92B-4635-93CC-A2C39AAE1BCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B2F43B-8B69-4BF6-86B7-A225175FF068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD71DD9-8A15-45E2-9FB3-F0544D7E1B80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5C14614F-4E27-40A6-9E56-2B1DBB10330B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7A2F2F5A-66FD-4057-917C-66332A88D83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "26E9760F-C0EB-47BB-8DA4-CC7815099DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4C510A9A-C3E2-4AF8-9919-1A22E918CDEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9E79CCE5-C29B-4726-8D2F-BC20F70959BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F29C13DB-6F04-4B41-90A2-2408D70F3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6D866F-8189-4FFD-AA24-47C0A015C246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EBFB79-C269-4132-BFAB-451F66CE8289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E1028E-2C07-4BA3-B891-FA853A87B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9E74F577-70BD-4FAF-BCFD-10CD21FC5601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "57BB03E2-E61C-4A94-82DF-8720698CE271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1B30A36F-5CE6-4246-8752-176FB5999C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F76DFD-4DAC-4B02-8967-B242CDEEF6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "56F728BA-FC9E-4EEE-9A08-C9C7433BD8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7BF52A-2FF8-40ED-B757-28A1101DE8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "7A321C2D-852B-4498-ADD6-79956410AB94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5F0DCF-C6A2-4A09-90C9-D70F174FDEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C820538E-14EC-43C1-80DB-6AAE4905EF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "295D4042-2D3C-481B-B969-2DDAC1161198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99E9EE2A-56AD-42BC-8CB0-D34091849B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96877A3E-B54B-4F31-B281-76CDC98B2D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D0B4503-42A6-4D88-954E-A662E91EC204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B73813-BCD8-429E-B9B9-D6665E026BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BBA3ECC-4F40-41CD-A6D7-BBD680DDBACC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9CBE2156-AF86-4C72-B33D-3FF83930F828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4A527277-D97D-4B74-906F-7481BDBD96D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B57A32-7B83-4783-A244-C26301970444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "044FD0D0-FC92-4A01-B0D4-11A703EF21FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1C90F104-FA2C-4091-B149-1774AC982C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C9328768-7C08-4143-B5F8-F5C2D735D21A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE3D31-4BB2-45A3-B085-8C91152A3152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0107D4-395E-45F1-B963-7618CCC007D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "53B8E11B-4984-45A8-A107-D276205988B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4beta:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8012CE-4D4B-4131-87E7-16D7907E3BB3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations (\"realtime\") and host-based authentication, does not check the IP address when the username is correct and there is no password, which allows remote attackers to bypass authentication using a valid username."
},
{
"lang": "es",
"value": "Asterisk Open Source 1.2.x anterior a 1.2.26 y 1.4.x anterior a 1.4.16, y Business Edition B.x.x anterior a B.2.3.6 y C.x.x anterior a C.1.0-beta8, cuando usa registros basados en base de datos (en tiempo real o \"realtime\") y autenticaci\u00f3n basada en anfitri\u00f3n (host-based), no comprueba la direcci\u00f3n IP cuando el nombre de usuario es correcto y no hay contrase\u00f1a, lo cual permite a atacantes remotos evitar la autenticaci\u00f3n usando un nombre de usuario v\u00e1lido."
}
],
"id": "CVE-2007-6430",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-20T02:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://downloads.digium.com/pub/security/AST-2007-027.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28149"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29242"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29456"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29782"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200804-13.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3467"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/39519"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/485287/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26928"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securitytracker.com/id?1019110"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/4260"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.digium.com/pub/security/AST-2007-027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200804-13.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/39519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/485287/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securitytracker.com/id?1019110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/4260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39124"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-23 16:05
Modified
2025-04-09 00:30
Severity ?
Summary
The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x before 1.4.19.1; Business Edition A.x.x, B.x.x before B.2.5.2, and C.x.x before C.1.8.1; AsteriskNOW before 1.0.3; Appliance Developer Kit 0.x.x; and s800i before 1.1.0.3, when configured to allow unauthenticated calls, does not verify that an ACK response contains a call number matching the server's reply to a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed ACK response that does not complete a 3-way handshake. NOTE: this issue exists because of an incomplete fix for CVE-2008-1923.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.digium.com/view.php?id=10078 | ||
| cve@mitre.org | http://downloads.digium.com/pub/security/AST-2008-006.html | ||
| cve@mitre.org | http://secunia.com/advisories/29927 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/30010 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/30042 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34982 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200905-01.xml | ||
| cve@mitre.org | http://www.altsci.com/concepts/page.php?s=asteri&p=2 | ||
| cve@mitre.org | http://www.debian.org/security/2008/dsa-1563 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/491220/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/28901 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1019918 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/1324 | ||
| cve@mitre.org | https://downloads.asterisk.org/pub/security/AST-2008-006.html | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/41966 | ||
| cve@mitre.org | https://github.com/jcollie/asterisk/commit/60de4fbbdf3ede49f158e23a9e3b679f2e519c1e | ||
| cve@mitre.org | https://github.com/jcollie/asterisk/commit/771b3d8749b34b6eea4e03a2e514380da9582f90 | ||
| cve@mitre.org | https://github.com/jcollie/asterisk/commit/a8b180875b037b8da26f6a3bcc8e5e98b8c904d2 | ||
| cve@mitre.org | https://github.com/kaoru6/asterisk/commit/1fe14f38dd43dc894d21f85762b51208ba5c8acb | ||
| cve@mitre.org | https://github.com/lyx2014/Asterisk/commit/0670e43c30135044e25cca7f80e1833e2c128653 | ||
| cve@mitre.org | https://github.com/mojolingo/asterisk/commit/20ac3662f137dbf7f42d5295590069a7d3b1166b | ||
| cve@mitre.org | https://github.com/pruiz/asterisk/commit/e0ef9bd22810c6969a7f222eec04798f19a7e2d6 | ||
| cve@mitre.org | https://github.com/silentindark/asterisk-1/commit/fe8b7f31db687f8b9992864b82c93d22833019c7 | ||
| cve@mitre.org | https://github.com/xrg/asterisk-xrg/commit/10da3dab24e8ca08cf2c983f8d0206e383535b5a | ||
| cve@mitre.org | https://github.com/xrg/asterisk-xrg/commit/51714a24347dc57f9a208a4a8af84115ef407b83 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00581.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00600.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.digium.com/view.php?id=10078 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.digium.com/pub/security/AST-2008-006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29927 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30010 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30042 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34982 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200905-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.altsci.com/concepts/page.php?s=asteri&p=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1563 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/491220/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/28901 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1019918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1324 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://downloads.asterisk.org/pub/security/AST-2008-006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/41966 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jcollie/asterisk/commit/60de4fbbdf3ede49f158e23a9e3b679f2e519c1e | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jcollie/asterisk/commit/771b3d8749b34b6eea4e03a2e514380da9582f90 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jcollie/asterisk/commit/a8b180875b037b8da26f6a3bcc8e5e98b8c904d2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/kaoru6/asterisk/commit/1fe14f38dd43dc894d21f85762b51208ba5c8acb | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/lyx2014/Asterisk/commit/0670e43c30135044e25cca7f80e1833e2c128653 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/mojolingo/asterisk/commit/20ac3662f137dbf7f42d5295590069a7d3b1166b | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/pruiz/asterisk/commit/e0ef9bd22810c6969a7f222eec04798f19a7e2d6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/silentindark/asterisk-1/commit/fe8b7f31db687f8b9992864b82c93d22833019c7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/xrg/asterisk-xrg/commit/10da3dab24e8ca08cf2c983f8d0206e383535b5a | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/xrg/asterisk-xrg/commit/51714a24347dc57f9a208a4a8af84115ef407b83 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00581.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00600.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | asterisk_appliance_developer_kit | 0.2 | |
| asterisk | asterisk_appliance_developer_kit | 0.3 | |
| asterisk | asterisk_appliance_developer_kit | 0.4 | |
| asterisk | asterisk_appliance_developer_kit | 0.5 | |
| asterisk | asterisk_appliance_developer_kit | 0.6 | |
| asterisk | asterisk_appliance_developer_kit | 0.6.0 | |
| asterisk | asterisk_appliance_developer_kit | 0.7 | |
| asterisk | asterisk_appliance_developer_kit | 0.8 | |
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisk_business_edition | a | |
| asterisk | asterisk_business_edition | b.1.3.2 | |
| asterisk | asterisk_business_edition | b.1.3.3 | |
| asterisk | asterisk_business_edition | b.2.2.0 | |
| asterisk | asterisk_business_edition | b.2.2.1 | |
| asterisk | asterisk_business_edition | b.2.3.1 | |
| asterisk | asterisk_business_edition | b.2.3.2 | |
| asterisk | asterisk_business_edition | b.2.3.3 | |
| asterisk | asterisk_business_edition | b.2.3.4 | |
| asterisk | asterisk_business_edition | b.2.3.6 | |
| asterisk | asterisk_business_edition | b.2.5.0 | |
| asterisk | asterisk_business_edition | c.1.0 | |
| asterisk | asterisk_business_edition | c.1.0 | |
| asterisk | asterisk_business_edition | c.1.6 | |
| asterisk | asterisk_business_edition | c.1.6.1 | |
| asterisk | asterisk_business_edition | c.1.6.2 | |
| asterisk | asterisknow | * | |
| asterisk | asterisknow | 1.0 | |
| asterisk | asterisknow | 1.0.1 | |
| asterisk | open_source | * | |
| asterisk | open_source | * | |
| asterisk | open_source | 1.0 | |
| asterisk | open_source | 1.0 | |
| asterisk | open_source | 1.0 | |
| asterisk | open_source | 1.0.0 | |
| asterisk | open_source | 1.0.1 | |
| asterisk | open_source | 1.0.2 | |
| asterisk | open_source | 1.0.3 | |
| asterisk | open_source | 1.0.3.4 | |
| asterisk | open_source | 1.0.4 | |
| asterisk | open_source | 1.0.5 | |
| asterisk | open_source | 1.0.6 | |
| asterisk | open_source | 1.0.7 | |
| asterisk | open_source | 1.0.8 | |
| asterisk | open_source | 1.0.9 | |
| asterisk | open_source | 1.0.11 | |
| asterisk | open_source | 1.0.11 | |
| asterisk | open_source | 1.0.11.1 | |
| asterisk | open_source | 1.0.11.1 | |
| asterisk | open_source | 1.0.12 | |
| asterisk | open_source | 1.0.12 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.1 | |
| asterisk | open_source | 1.2.2 | |
| asterisk | open_source | 1.2.2 | |
| asterisk | open_source | 1.2.3 | |
| asterisk | open_source | 1.2.3 | |
| asterisk | open_source | 1.2.4 | |
| asterisk | open_source | 1.2.4 | |
| asterisk | open_source | 1.2.5 | |
| asterisk | open_source | 1.2.5 | |
| asterisk | open_source | 1.2.6 | |
| asterisk | open_source | 1.2.6 | |
| asterisk | open_source | 1.2.7 | |
| asterisk | open_source | 1.2.7 | |
| asterisk | open_source | 1.2.7.1 | |
| asterisk | open_source | 1.2.7.1 | |
| asterisk | open_source | 1.2.8 | |
| asterisk | open_source | 1.2.8 | |
| asterisk | open_source | 1.2.9 | |
| asterisk | open_source | 1.2.9.1 | |
| asterisk | open_source | 1.2.9.1 | |
| asterisk | open_source | 1.2.10 | |
| asterisk | open_source | 1.2.10 | |
| asterisk | open_source | 1.2.11 | |
| asterisk | open_source | 1.2.11 | |
| asterisk | open_source | 1.2.12 | |
| asterisk | open_source | 1.2.12 | |
| asterisk | open_source | 1.2.12.1 | |
| asterisk | open_source | 1.2.12.1 | |
| asterisk | open_source | 1.2.13 | |
| asterisk | open_source | 1.2.13 | |
| asterisk | open_source | 1.2.14 | |
| asterisk | open_source | 1.2.14 | |
| asterisk | open_source | 1.2.15 | |
| asterisk | open_source | 1.2.15 | |
| asterisk | open_source | 1.2.16 | |
| asterisk | open_source | 1.2.16 | |
| asterisk | open_source | 1.2.17 | |
| asterisk | open_source | 1.2.17 | |
| asterisk | open_source | 1.2.18 | |
| asterisk | open_source | 1.2.18 | |
| asterisk | open_source | 1.2.19 | |
| asterisk | open_source | 1.2.19 | |
| asterisk | open_source | 1.2.20 | |
| asterisk | open_source | 1.2.20 | |
| asterisk | open_source | 1.2.21 | |
| asterisk | open_source | 1.2.21 | |
| asterisk | open_source | 1.2.21.1 | |
| asterisk | open_source | 1.2.21.1 | |
| asterisk | open_source | 1.2.22 | |
| asterisk | open_source | 1.2.22 | |
| asterisk | open_source | 1.2.23 | |
| asterisk | open_source | 1.2.23 | |
| asterisk | open_source | 1.2.24 | |
| asterisk | open_source | 1.2.24 | |
| asterisk | open_source | 1.2.25 | |
| asterisk | open_source | 1.2.25 | |
| asterisk | open_source | 1.2.26 | |
| asterisk | open_source | 1.2.26 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.1 | |
| asterisk | open_source | 1.4.10 | |
| asterisk | open_source | 1.4.10.1 | |
| asterisk | open_source | 1.4.11 | |
| asterisk | open_source | 1.4.12 | |
| asterisk | open_source | 1.4.12.1 | |
| asterisk | open_source | 1.4.13 | |
| asterisk | open_source | 1.4.14 | |
| asterisk | open_source | 1.4.15 | |
| asterisk | open_source | 1.4.16 | |
| asterisk | open_source | 1.4.16.1 | |
| asterisk | open_source | 1.4.16.2 | |
| asterisk | open_source | 1.4.17 | |
| asterisk | open_source | 1.4.18 | |
| asterisk | open_source | 1.4.18.1 | |
| asterisk | s800i | * | |
| asterisk | s800i | 1.0 | |
| asterisk | s800i | 1.0.1 | |
| asterisk | s800i | 1.0.2 | |
| asterisk | s800i | 1.0.3 | |
| asterisk | s800i | 1.0.3.3 | |
| asterisk | s800i | 1.1.0 | |
| asterisk | s800i | 1.1.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C05B437-C292-4AA0-8AFE-1CA07CD80034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0102C4C0-1A7D-4AB7-9817-44E6B0DB761E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "81DDF486-4185-48EE-869E-0AA6726C31F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CF45A8E1-F6B1-42BD-9168-12062FA6EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C5757B9B-2759-439A-9A6D-CCDD6C8C8940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4548D39-0562-4946-AA51-A7C1A31AEE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FCD71268-EAA2-477B-8AC4-DE4853A262B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "529B2115-A191-4F3F-8F8C-A38B7C45463A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3097291D-BBBB-4C69-8909-D6F7AC622B5D",
"versionEndIncluding": "b.2.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "267F32ED-B9E4-4454-99C1-F445E52EE96F",
"versionEndIncluding": "c1.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:a:*:*:*:*:*:*:*",
"matchCriteriaId": "313B3A38-8DEA-4D62-A1A4-0B6011E81870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "802F8680-AB38-41AF-BFC8-F6927F6B1626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAE8D90-B032-4C60-B487-BE655D00FFAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB64A872-B7B8-46A8-81E4-49EDAC160531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "21000270-C9B9-430C-A252-763887A15835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12F7CF45-5482-4947-8F1D-48C746987475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B64995D-7892-49AB-A89D-A5D15615C5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0397DBD4-EA00-444A-9008-4932F99DF325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCD865F-BC39-4255-A797-6E5945773337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7203093-7209-4184-92CB-08AD73FAC379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4956871-4DD3-4299-8BEB-9D98A4449A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "F981A428-E7F3-4DE5-91DC-60A1C5C6C6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "AF94C93A-723D-4DC5-9342-F091C8C6FF7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C988FD-CFB9-4763-BE5A-B89FB3538FD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "00A6DAD0-D4C3-4A58-A35A-991E04B50EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6413B123-65DE-4483-A8A0-F5F30A809570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "272DE03B-1470-45FF-A31B-2CE44A8E8378",
"versionEndIncluding": "1.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6FE17C-3B08-4675-9F73-5DC0C2438BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8AB81C-3DCF-42E9-8022-2F7135022C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB10847E-585B-492B-A174-4D1C14755E0E",
"versionEndIncluding": "1.2.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD2F115-4614-4E25-8902-356EEC966E8E",
"versionEndIncluding": "1.4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "678DB154-4363-42FF-8B28-367923FC6595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0B41BC83-3AE3-4C89-A682-E24A4EFF9605",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "98F2FE25-8CDA-4D6D-884B-82C4D90F7FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F2C378-FF0E-4765-9F66-625C4064D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A55A9295-F632-4856-90A1-38371EB98589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7FAE6AF1-884D-41F7-B174-9E13C7719C99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA9E35B-9A6B-42F2-9315-9C7D09F62227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "89B1F293-4F0F-48FD-A1F1-1230B94D87D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF7EC20-A424-45E5-B7E4-3CC86075858C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C790E105-55C8-4CDC-9FA8-E1FF6F130A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44C860EF-2B29-4995-B942-000CC43FDD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1ADB80EF-C724-44BA-88FC-24087799D0C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "78B39BE8-7E2D-42DF-8633-44CAD5662777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F39036E3-0027-4C72-9DEB-9A6E2B4512C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A037E6F9-3EF7-4EEB-AC16-081421BCE40D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.11:patch:*:*:*:*:*:*",
"matchCriteriaId": "A553D442-A573-4A60-8514-3C70F651756D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7EC02A-9C9E-4589-BBB3-1908D3078A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.11.1:patch:*:*:*:*:*:*",
"matchCriteriaId": "2395C742-D9FE-466F-BC97-67A846539121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6C70FA9C-6F3B-4BDF-97FB-81D06AB0EE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.12:patch:*:*:*:*:*:*",
"matchCriteriaId": "58487C69-86C0-4736-BC90-4292AF8E3DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7971E1-F136-4ADC-95EC-BC4F92E838CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E62D108C-862D-4BDB-BE37-285AA4C9C59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "CF1422F3-829D-498C-83A6-02989DFB70A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CBEB9D69-A404-4053-92F9-CAC3481AFF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E816CCDB-4169-4F09-AE87-E467F4BE7685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27202966-2C41-4964-9497-1887D2A834C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1471B5A2-15BE-4E7C-BA49-2E6002F7C8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.2:netsec:*:*:*:*:*:*",
"matchCriteriaId": "65223182-1675-462C-AF67-4A48760A63F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7108D72F-5AFD-4EEF-B2A9-CA4FA792E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.3:netsec:*:*:*:*:*:*",
"matchCriteriaId": "DC7EB4CD-6436-4E0B-A620-9DF2AC8A3C66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "107DA2D8-FE7C-4B70-856D-43D58B988694",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.4:netsec:*:*:*:*:*:*",
"matchCriteriaId": "02D5E6DF-7C9C-479F-986B-D5C8A144ACB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD71DD9-8A15-45E2-9FB3-F0544D7E1B80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.5:netsec:*:*:*:*:*:*",
"matchCriteriaId": "68AF6200-1385-449F-A00E-2BACEE16450B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5C14614F-4E27-40A6-9E56-2B1DBB10330B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.6:netsec:*:*:*:*:*:*",
"matchCriteriaId": "61C0769F-6739-41D2-ADD8-924AC04C5F28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7A2F2F5A-66FD-4057-917C-66332A88D83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8EF13987-5767-4FED-9584-63D74B0A30A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "399B0206-B48B-46EF-8CA6-A6E5A2550B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "C57C1324-E11A-4B2B-9722-A4A63AEF0497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "26E9760F-C0EB-47BB-8DA4-CC7815099DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.8:netsec:*:*:*:*:*:*",
"matchCriteriaId": "EE6D9718-D57D-48F6-A2B1-CECAFFCDDFB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4C510A9A-C3E2-4AF8-9919-1A22E918CDEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD915CD-A7D3-4305-A6C0-290C648A226C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "3249AB40-2058-42E9-9A33-64E434E5BB64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9E79CCE5-C29B-4726-8D2F-BC20F70959BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:netsec:*:*:*:*:*:*",
"matchCriteriaId": "0CF6584D-A7BB-4BD5-8232-9293FEE4A971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F29C13DB-6F04-4B41-90A2-2408D70F3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:netsec:*:*:*:*:*:*",
"matchCriteriaId": "174D6B56-7D0F-46F0-849A-FD05CB348FAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4F734E-0E78-4957-B323-8E9FBA7FF15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:netsec:*:*:*:*:*:*",
"matchCriteriaId": "938F545A-F8A7-455E-8E5A-2B5454B6CE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4B117B-E945-4033-A79D-10DFAA3DF18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "E7C0897A-C841-4AAB-A6B3-1FCF7A99A60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6D866F-8189-4FFD-AA24-47C0A015C246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:netsec:*:*:*:*:*:*",
"matchCriteriaId": "B2BAA1B3-7DD3-4248-915D-2BCC0ACFA2C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EBFB79-C269-4132-BFAB-451F66CE8289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:netsec:*:*:*:*:*:*",
"matchCriteriaId": "21612C17-7368-4108-B55B-5AB5CA6733E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E1028E-2C07-4BA3-B891-FA853A87B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8A0D57D7-15AD-4CDF-A5A7-AB83F8E6154E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9E74F577-70BD-4FAF-BCFD-10CD21FC5601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:netsec:*:*:*:*:*:*",
"matchCriteriaId": "06DB25C8-4EA5-465F-8EFA-BCA8D40F1795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "57BB03E2-E61C-4A94-82DF-8720698CE271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:netsec:*:*:*:*:*:*",
"matchCriteriaId": "A149F8C2-3DA5-44B2-A288-3482F3975824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1B30A36F-5CE6-4246-8752-176FB5999C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:netsec:*:*:*:*:*:*",
"matchCriteriaId": "9462B320-B69D-409D-8DCC-D8D6CA1A757D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F76DFD-4DAC-4B02-8967-B242CDEEF6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:netsec:*:*:*:*:*:*",
"matchCriteriaId": "ECCCBAE9-8FD4-43F0-9EF8-56E9BBA3D8C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6A59BC20-3217-4584-9196-D1CD9E0D6B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:netsec:*:*:*:*:*:*",
"matchCriteriaId": "BEA0014A-659B-4533-A393-6D4ADC80EB0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "56F728BA-FC9E-4EEE-9A08-C9C7433BD8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8F1621F9-7C84-4CF0-BBCD-CEAEE8683BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C64DF29-5B3D-401E-885E-8E37FD577254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "346C9F65-B5FB-4A75-8E1B-137112F270D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7BF52A-2FF8-40ED-B757-28A1101DE8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:netsec:*:*:*:*:*:*",
"matchCriteriaId": "7EFEE380-0C64-4413-AF3A-45ABC8833500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "7A321C2D-852B-4498-ADD6-79956410AB94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:netsec:*:*:*:*:*:*",
"matchCriteriaId": "8CA18FC6-1480-400E-A885-8CDAE45AA7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5F0DCF-C6A2-4A09-90C9-D70F174FDEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:netsec:*:*:*:*:*:*",
"matchCriteriaId": "93741261-378B-4C02-8D68-0E5F39128375",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C820538E-14EC-43C1-80DB-6AAE4905EF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:netsec:*:*:*:*:*:*",
"matchCriteriaId": "07CF9DD6-B624-49F0-A8E4-7EBCE7932BEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E9562112-2505-4F78-86DE-F30EFAEE47D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:netsec:*:*:*:*:*:*",
"matchCriteriaId": "9EEA1E9C-C1FB-4EFD-86EA-DCF78C57FC35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A6D8FD0-C8C1-4868-9AF1-96B1949C18AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "5E20FAF7-9031-478E-A89C-D6FB3B5FDE3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72A840B4-216B-4063-997F-791FBC8C8658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:netsec:*:*:*:*:*:*",
"matchCriteriaId": "72375576-F857-4585-A677-A326D89A65B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "967DF432-DEF4-4FA2-8C8D-19A7FB663A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "40850BF4-E252-4667-9B46-9B6FEF6E997D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "1BB01DD1-B29B-4210-88CC-9ADB3148A410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "5C0FA6A3-BFA9-4397-B75B-75C8357C36B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "295D4042-2D3C-481B-B969-2DDAC1161198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "044FD0D0-FC92-4A01-B0D4-11A703EF21FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3477EC1A-9634-492C-B052-35770A9C9F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1C90F104-FA2C-4091-B149-1774AC982C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C9328768-7C08-4143-B5F8-F5C2D735D21A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C04E2B3-094B-4828-A2FC-BB66244A9F73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE3D31-4BB2-45A3-B085-8C91152A3152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0107D4-395E-45F1-B963-7618CCC007D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "53B8E11B-4984-45A8-A107-D276205988B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2495DB98-F923-4E60-86EC-2DBB7A98C90C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E186D125-996E-4900-A2B8-5CDC8B5D5136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27DC6CF7-4DF8-4472-A684-8CCB5E26FCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "88576385-EF03-408B-9775-B52E6AFFE48A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1A838577-2BA1-4792-8B69-6FB07FFD7727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEED3E1-13E0-46E6-8AAB-D24D2D04AE4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C01793-C5D3-4359-B332-A8A104832370",
"versionEndIncluding": "1.1.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C3A0A08-4107-4B8B-AE7E-DC23849A54DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9320928D-D83C-4258-AF62-AB2D1F50D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "569084D1-977D-41FC-A444-0B3F5199DDD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "02D182FB-761C-4F08-A776-B613FAC55230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C9046D49-6878-4571-8B9E-2FBD5BA80D19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B5EDAB-61DD-4864-A159-39292D339DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "101DFEFB-7627-4D36-AAA2-EDFB4D0E5AB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x before 1.4.19.1; Business Edition A.x.x, B.x.x before B.2.5.2, and C.x.x before C.1.8.1; AsteriskNOW before 1.0.3; Appliance Developer Kit 0.x.x; and s800i before 1.1.0.3, when configured to allow unauthenticated calls, does not verify that an ACK response contains a call number matching the server\u0027s reply to a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed ACK response that does not complete a 3-way handshake. NOTE: this issue exists because of an incomplete fix for CVE-2008-1923."
},
{
"lang": "es",
"value": "El driver del canal IAX2 (chan_iax2) en Asterisk Open Source 1.0.x, 1.2.x anteriores a 1.2.28 y 1.4.x anteriores a 1.4.19.1; Business Edition A.x.x, B.x.x anteriores a B.2.5.2 y C.x.x anteriores a C.1.8.1; AsteriskNOW anteriores a 1.0.3; Apliance Developer Kit 0.x.x y s800i anterior a la 1.1.0.3, cuando est\u00e1 configurado para permitir llamadas no autenticadas, no verifica que una respuesta ACK contenga un n\u00famero que coincida con el de respuesta del servidor a un NUEVO mensaje, que puede permitir a los atacantes provocar una denegaci\u00f3n de servicio (amplificaci\u00f3n del tr\u00e1fico) a trav\u00e9s de una respuesta ACK falseada, que no complete la negociaci\u00f3n de 3 pasos. NOTA: Este problema existe debido a una correci\u00f3n incompleto para CVE-2008-1923"
}
],
"id": "CVE-2008-1897",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-23T16:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.digium.com/view.php?id=10078"
},
{
"source": "cve@mitre.org",
"url": "http://downloads.digium.com/pub/security/AST-2008-006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29927"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30010"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30042"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34982"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.altsci.com/concepts/page.php?s=asteri\u0026p=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1563"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491220/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28901"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019918"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1324"
},
{
"source": "cve@mitre.org",
"url": "https://downloads.asterisk.org/pub/security/AST-2008-006.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41966"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/jcollie/asterisk/commit/60de4fbbdf3ede49f158e23a9e3b679f2e519c1e"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/jcollie/asterisk/commit/771b3d8749b34b6eea4e03a2e514380da9582f90"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/jcollie/asterisk/commit/a8b180875b037b8da26f6a3bcc8e5e98b8c904d2"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/kaoru6/asterisk/commit/1fe14f38dd43dc894d21f85762b51208ba5c8acb"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/lyx2014/Asterisk/commit/0670e43c30135044e25cca7f80e1833e2c128653"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/mojolingo/asterisk/commit/20ac3662f137dbf7f42d5295590069a7d3b1166b"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/pruiz/asterisk/commit/e0ef9bd22810c6969a7f222eec04798f19a7e2d6"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/silentindark/asterisk-1/commit/fe8b7f31db687f8b9992864b82c93d22833019c7"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/xrg/asterisk-xrg/commit/10da3dab24e8ca08cf2c983f8d0206e383535b5a"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/xrg/asterisk-xrg/commit/51714a24347dc57f9a208a4a8af84115ef407b83"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00581.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.digium.com/view.php?id=10078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.digium.com/pub/security/AST-2008-006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.altsci.com/concepts/page.php?s=asteri\u0026p=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491220/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://downloads.asterisk.org/pub/security/AST-2008-006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/jcollie/asterisk/commit/60de4fbbdf3ede49f158e23a9e3b679f2e519c1e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/jcollie/asterisk/commit/771b3d8749b34b6eea4e03a2e514380da9582f90"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/jcollie/asterisk/commit/a8b180875b037b8da26f6a3bcc8e5e98b8c904d2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/kaoru6/asterisk/commit/1fe14f38dd43dc894d21f85762b51208ba5c8acb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/lyx2014/Asterisk/commit/0670e43c30135044e25cca7f80e1833e2c128653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/mojolingo/asterisk/commit/20ac3662f137dbf7f42d5295590069a7d3b1166b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/pruiz/asterisk/commit/e0ef9bd22810c6969a7f222eec04798f19a7e2d6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/silentindark/asterisk-1/commit/fe8b7f31db687f8b9992864b82c93d22833019c7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/xrg/asterisk-xrg/commit/10da3dab24e8ca08cf2c983f8d0206e383535b5a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/xrg/asterisk-xrg/commit/51714a24347dc57f9a208a4a8af84115ef407b83"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00581.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00600.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-01-25 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.asterisk.org/pub/security/AST-2012-001-1.8.diff | Patch | |
| cve@mitre.org | http://downloads.asterisk.org/pub/security/AST-2012-001-10.diff | Patch | |
| cve@mitre.org | http://downloads.asterisk.org/pub/security/AST-2012-001.html | Vendor Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2012/01/20/16 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2012/01/20/18 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=783487 | ||
| cve@mitre.org | https://issues.asterisk.org/jira/browse/ASTERISK-19202 | ||
| cve@mitre.org | https://issues.asterisk.org/jira/secure/attachment/42202/issueA19202_crypto_if_uninited_text_or_video.patch | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.asterisk.org/pub/security/AST-2012-001-1.8.diff | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.asterisk.org/pub/security/AST-2012-001-10.diff | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.asterisk.org/pub/security/AST-2012-001.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/01/20/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/01/20/18 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=783487 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.asterisk.org/jira/browse/ASTERISK-19202 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.asterisk.org/jira/secure/attachment/42202/issueA19202_crypto_if_uninited_text_or_video.patch | Exploit |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1.1 | |
| asterisk | open_source | 1.8.1.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2.1 | |
| asterisk | open_source | 1.8.2.2 | |
| asterisk | open_source | 1.8.2.3 | |
| asterisk | open_source | 1.8.2.4 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3.1 | |
| asterisk | open_source | 1.8.3.2 | |
| asterisk | open_source | 1.8.3.3 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4.1 | |
| asterisk | open_source | 1.8.4.2 | |
| asterisk | open_source | 1.8.4.3 | |
| asterisk | open_source | 1.8.4.4 | |
| asterisk | open_source | 1.8.5 | |
| asterisk | open_source | 1.8.5.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.1 | |
| asterisk | open_source | 1.8.7.2 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.1 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE48FBD-2560-4477-ABD2-C90729523BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "97F03C40-6B70-41D1-96CF-DD5F2924D0C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "B8F0B6E3-37B8-4780-BB17-D471A7AB7E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "445941A9-EE2C-45C0-BCEB-9EC7F9F9439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7C60A84B-E0BC-491B-B6E6-76E658BB91EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "035B04BC-C132-4CF6-9FE4-561A4104F392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE6A2723-FAE7-4A87-A2A3-E94D9CC2DCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "37612FE6-C8B7-4925-81F5-ADB82A8F101E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "92181940-ED5C-442C-82BA-4F0F233FB11B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "28EEF1DB-00C6-4DFC-BB48-C4A308F60DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67CE3E94-341F-4D0C-937E-39B119925C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5C721635-2801-40E8-B5FE-734054D718D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93F81ACF-615F-4EF5-BD73-74F4010B43D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D773468A-4C2D-4B88-BAB6-C2D892A304C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15ED9311-9E4E-4998-BD99-CDEB8E4F2C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "815F7045-FC6D-4D57-A7AE-F63B0FC67251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56BAE9D7-7A67-40D0-B864-66E76EBA5A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B82FFB08-0FCD-4839-95F4-97C09EB7E921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10C54588-265A-4955-8C73-38ADB664EF0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D84681-F861-49BE-832F-20EBAD3B60C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2313F843-0F74-4FC9-92A2-1F721BB4C490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "09918CFC-C6A0-45ED-91EA-A4D9295C6CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "23E24161-31DB-4739-B16D-B0BDF5151307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E28DAA35-FBC2-4C87-BC1F-396A0FE86C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5E4B4F-49B7-41CB-803B-47A0081C3112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27D37142-F88C-42DE-A0FD-B17AB7981963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A5BD7C-3491-456A-A333-481977280F5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F7AFBC1D-7357-4A20-BF9D-C5B58155DAAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C85B74B6-EA5C-43C1-98C4-B09C41D9D8CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "12711E11-F6CF-4A61-83FD-AD3748D7C47B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86E83CDF-E3B5-48A8-B526-67A1618B97AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C8B329-AC4C-46E5-BAC3-B2B72C16A453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5A81245B-0276-4D51-A3B4-9CC7233C9A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC30C27-32BD-42A9-814E-123BD18F416B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "676BA331-833E-4C8B-A523-2116752567B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A7D38CAA-BECD-4FD7-8E42-72CB2B1DC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F211C14-8E50-4FB7-82EA-FE6975290DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0698EDFB-D156-4572-9008-0243FA6FD2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16350161-9CF1-4AD3-954C-598D249CF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "24EB6F7B-AD3C-42A2-B811-3CF3EEDD8438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "7AC55C54-7AD7-49BE-A050-DC6878391208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B208EBB-0387-4223-A196-CE142E6B908B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "095BF874-0E0B-4F8F-8A11-ED096DD3A824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4067E71D-93A8-4B56-AE4A-FCB6E31577E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D301553-EF77-4494-A893-FDC12E6A8C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35362678-3960-40E0-BB94-4642F09DDB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "779DEAC5-CBC7-4844-9A2E-97AEB49704EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "913D2C84-B987-4DEE-8F9E-0FDF14BECE2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "63889FD0-714B-4E02-8F34-00E4857A544A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A15B538D-DC9D-46B4-A455-341E8A2831E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8FE32479-5D98-443F-8FA9-F6281726BDF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "78841A3E-7D56-4737-9815-E1144FD0A44A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6CE8D88-E407-4E9F-8418-E95C16A55358",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DD2B8E-6AB1-45CD-85F5-E0F5234585BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "52BDDAC0-5CEE-4054-8930-EAF25FE528FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1CEB28DD-EAEA-45AF-8D7B-09E93AFABA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "12BCF63F-DA77-48A1-861D-F6E710E3CA16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AD0D03FF-3FF6-40D0-A78E-CBDEA4FE4F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "66666CD2-8921-4641-AD72-21F4386DC731",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple."
},
{
"lang": "es",
"value": "chan_sip.c en Asterisk Open Source v1.8.x antes de v1.8.8.2 y v10.x antes de v10.0.1 , cuando se usa el m\u00f3dulo res_srtp y el soporte multimedia esta incorrectamente configurado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (puntero a NULL y ca\u00edda del demonio) a trav\u00e9s de un mensaje SDP espec\u00edficamente modificado con un atributo de cifrado y (1) un v\u00eddeo o (2) el tipo de medio \u0027text\u0027. Esto queda demostrado con CSipSimple."
}
],
"id": "CVE-2012-0885",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-01-25T15:55:01.190",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001-1.8.diff"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001-10.diff"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/16"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/18"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=783487"
},
{
"source": "cve@mitre.org",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-19202"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://issues.asterisk.org/jira/secure/attachment/42202/issueA19202_crypto_if_uninited_text_or_video.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001-1.8.diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001-10.diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/01/20/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=783487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-19202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://issues.asterisk.org/jira/secure/attachment/42202/issueA19202_crypto_if_uninited_text_or_video.patch"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-08-31 14:55
Modified
2025-04-11 00:51
Severity ?
Summary
Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://downloads.asterisk.org/pub/security/AST-2012-012.html | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://secunia.com/advisories/50687 | ||
| psirt@us.ibm.com | http://secunia.com/advisories/50756 | ||
| psirt@us.ibm.com | http://www.debian.org/security/2012/dsa-2550 | ||
| psirt@us.ibm.com | http://www.securitytracker.com/id?1027460 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.asterisk.org/pub/security/AST-2012-012.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/50687 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/50756 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2550 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1027460 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1.1 | |
| asterisk | open_source | 1.8.1.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2.1 | |
| asterisk | open_source | 1.8.2.2 | |
| asterisk | open_source | 1.8.2.3 | |
| asterisk | open_source | 1.8.2.4 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3.1 | |
| asterisk | open_source | 1.8.3.2 | |
| asterisk | open_source | 1.8.3.3 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4.1 | |
| asterisk | open_source | 1.8.4.2 | |
| asterisk | open_source | 1.8.4.3 | |
| asterisk | open_source | 1.8.4.4 | |
| asterisk | open_source | 1.8.5 | |
| asterisk | open_source | 1.8.5.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.7 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.1 | |
| asterisk | open_source | 1.8.7.2 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.1 | |
| asterisk | open_source | 1.8.8.2 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.1 | |
| asterisk | open_source | 1.8.9.2 | |
| asterisk | open_source | 1.8.9.3 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.1 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.1 | |
| asterisk | open_source | 1.8.12 | |
| asterisk | open_source | 1.8.12.0 | |
| asterisk | open_source | 1.8.12.0 | |
| asterisk | open_source | 1.8.12.0 | |
| asterisk | open_source | 1.8.12.0 | |
| sangoma | asterisk | * | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.1 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.1 | |
| asterisk | open_source | 10.1.2 | |
| asterisk | open_source | 10.1.3 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.1 | |
| asterisk | open_source | 10.3 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.1 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.0 | |
| sangoma | asterisk | * | |
| asterisk | certified_asterisk | * | |
| asterisk | certified_asterisk | 1.8.11 | |
| asterisk | certified_asterisk | 1.8.11 | |
| asterisk | certified_asterisk | 1.8.11 | |
| asterisk | certified_asterisk | 1.8.11 | |
| asterisk | certified_asterisk | 1.8.11 | |
| asterisk | digiumphones | * | |
| asterisk | business_edition | * | |
| asterisk | business_edition | c.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE48FBD-2560-4477-ABD2-C90729523BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "97F03C40-6B70-41D1-96CF-DD5F2924D0C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "B8F0B6E3-37B8-4780-BB17-D471A7AB7E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "445941A9-EE2C-45C0-BCEB-9EC7F9F9439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7C60A84B-E0BC-491B-B6E6-76E658BB91EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "035B04BC-C132-4CF6-9FE4-561A4104F392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E21DF0C9-16E4-44B0-8749-85F7F245A87A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE6A2723-FAE7-4A87-A2A3-E94D9CC2DCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "37612FE6-C8B7-4925-81F5-ADB82A8F101E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "92181940-ED5C-442C-82BA-4F0F233FB11B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "28EEF1DB-00C6-4DFC-BB48-C4A308F60DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67CE3E94-341F-4D0C-937E-39B119925C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5C721635-2801-40E8-B5FE-734054D718D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93F81ACF-615F-4EF5-BD73-74F4010B43D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D773468A-4C2D-4B88-BAB6-C2D892A304C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15ED9311-9E4E-4998-BD99-CDEB8E4F2C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "815F7045-FC6D-4D57-A7AE-F63B0FC67251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56BAE9D7-7A67-40D0-B864-66E76EBA5A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B82FFB08-0FCD-4839-95F4-97C09EB7E921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10C54588-265A-4955-8C73-38ADB664EF0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D84681-F861-49BE-832F-20EBAD3B60C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2313F843-0F74-4FC9-92A2-1F721BB4C490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "09918CFC-C6A0-45ED-91EA-A4D9295C6CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "23E24161-31DB-4739-B16D-B0BDF5151307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E28DAA35-FBC2-4C87-BC1F-396A0FE86C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5E4B4F-49B7-41CB-803B-47A0081C3112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27D37142-F88C-42DE-A0FD-B17AB7981963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A5BD7C-3491-456A-A333-481977280F5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F7AFBC1D-7357-4A20-BF9D-C5B58155DAAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C85B74B6-EA5C-43C1-98C4-B09C41D9D8CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "12711E11-F6CF-4A61-83FD-AD3748D7C47B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86E83CDF-E3B5-48A8-B526-67A1618B97AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C8B329-AC4C-46E5-BAC3-B2B72C16A453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5A81245B-0276-4D51-A3B4-9CC7233C9A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC30C27-32BD-42A9-814E-123BD18F416B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "676BA331-833E-4C8B-A523-2116752567B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A7D38CAA-BECD-4FD7-8E42-72CB2B1DC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F211C14-8E50-4FB7-82EA-FE6975290DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0698EDFB-D156-4572-9008-0243FA6FD2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16350161-9CF1-4AD3-954C-598D249CF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "24EB6F7B-AD3C-42A2-B811-3CF3EEDD8438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "7AC55C54-7AD7-49BE-A050-DC6878391208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AA9DBB3-1008-4CC8-B81B-991F286A6C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B208EBB-0387-4223-A196-CE142E6B908B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "095BF874-0E0B-4F8F-8A11-ED096DD3A824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4067E71D-93A8-4B56-AE4A-FCB6E31577E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D301553-EF77-4494-A893-FDC12E6A8C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35362678-3960-40E0-BB94-4642F09DDB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "779DEAC5-CBC7-4844-9A2E-97AEB49704EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "913D2C84-B987-4DEE-8F9E-0FDF14BECE2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "63889FD0-714B-4E02-8F34-00E4857A544A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A15B538D-DC9D-46B4-A455-341E8A2831E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8FE32479-5D98-443F-8FA9-F6281726BDF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "78841A3E-7D56-4737-9815-E1144FD0A44A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6CE8D88-E407-4E9F-8418-E95C16A55358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDEDE38-79FE-4B21-BE42-E8AA14475AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC295454-D897-425C-BFC8-91A72865A132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3830A3E2-09A1-487E-8EFA-27F8B4C61CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CAC942FB-83A2-4698-B410-F4C6AED0849A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86ED40AD-0A52-4B4C-B4CA-F8D1A4CAF866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7128AC5-5DD7-4BD3-B14C-4ADA155DD5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2C32DA-44CE-4407-84B2-02B0D0474000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B032B5-06AB-4ABE-B51E-DE5C13458C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07FC62DE-74D3-42A9-94E8-6DCE62F3D2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39E78E52-2AA4-42A5-9CE6-22DF2CF01704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3DF04D4C-DFED-4E71-BA0C-854823BB41CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "518A8882-B1A6-408E-9B39-F01034A50190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2EBBB850-2AE6-4EC1-993F-AD7AF2E80008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F33168AF-A3FB-4694-9DC8-CC28A7C3B3E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1075D5D-5F81-4E26-90B0-60659B8D36B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6880B042-11B1-430F-90A1-70F93FC5BAF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0F074B06-6788-47AB-8C39-BA5E2E39ACC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47805A52-856B-4C30-A04F-0B683FDBE075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACB7C4A-7CF7-4D57-B65D-741AFA6393EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48300C6F-FAF2-4F0A-959F-4B1801AE7D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "85522E25-E76C-4CCF-AB7C-A74E1703D919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AC3BE912-0B42-416B-A0E2-B17FDF07BAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "4FC9C2FB-A77B-4242-B4A1-92112E1C19B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA237F1-0378-4B8C-9981-B3B47BCB3C50",
"versionEndIncluding": "1.8.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DD2B8E-6AB1-45CD-85F5-E0F5234585BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "52BDDAC0-5CEE-4054-8930-EAF25FE528FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1CEB28DD-EAEA-45AF-8D7B-09E93AFABA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "12BCF63F-DA77-48A1-861D-F6E710E3CA16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AD0D03FF-3FF6-40D0-A78E-CBDEA4FE4F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "66666CD2-8921-4641-AD72-21F4386DC731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E55A7B81-4661-4E77-94FE-DA8D6261DC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C549DD5-68F9-44FC-92B9-09A0E6F87315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "51407A8B-AF19-43FA-8D57-A6A35D465D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "911CCAF6-6E29-43B6-AF76-909016CD46ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "964672AE-C840-465E-BE8A-8E19D9C060AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "48827211-8F2F-4801-A5CD-77B07D1DD320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2463AD2-B341-494C-87AF-73B69B75D162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B46E218-9EFA-4224-BC5D-1A2F38559E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6F1F43E8-6159-46FA-8BF5-360EA9D466BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F75E0A69-9251-4CE1-9E83-188F0D35DEFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "17E6BD3C-B88D-4C80-B77F-2A95767B9A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3AC1C9EC-A84F-401B-BF59-F4938B6A2F59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5DACA8-EBD6-4854-A32E-EDBD8C28B3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB76519-FD6D-4D74-8DF7-719822588C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6AB0DE5-0843-4A7A-A1C9-2FD7924FBEDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "335F9C06-5E40-4E14-B018-15151E14414D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9E8F15FB-C6B5-4A4F-A7AD-E2BF0162D1DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC77FCCF-EE5C-4121-A0AF-B9DC71E72C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C33423-6093-4DC9-BCFF-77003776373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9DEA8945-9ACD-4CE7-A5E6-5207E16C663E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B2A7FC21-74FF-48BF-9BA8-A143FCB2BF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C4FCD6B4-ED33-424F-AD30-64227894B0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6558058-33DA-43F1-9690-5DA11D5CC713",
"versionEndIncluding": "10.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:*:cert5:*:*:*:*:*:*",
"matchCriteriaId": "345918B8-ABB8-4E60-A3AD-C006AD24FEC4",
"versionEndIncluding": "1.8.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert:*:*:*:*:*:*",
"matchCriteriaId": "4889B1B5-5160-476E-A1C0-BEAE63C85CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert1:*:*:*:*:*:*",
"matchCriteriaId": "62867AEF-D685-4B1F-8AB9-D1CCAC559821",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert2:*:*:*:*:*:*",
"matchCriteriaId": "F7C792E2-FBBA-4F1D-8842-5E47B4365FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert3:*:*:*:*:*:*",
"matchCriteriaId": "B14F1E15-52B4-4947-83EA-85D535FFB55E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert4:*:*:*:*:*:*",
"matchCriteriaId": "02461B94-32BA-487E-9E9E-D9B5AAAFF602",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7438E927-F320-4E40-AE4E-F571483A5D2F",
"versionEndIncluding": "10.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94539528-4DD3-4BB6-BFFE-920A3937A665",
"versionEndIncluding": "c.3.7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:business_edition:c.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17D78AA8-AF67-4343-A9B0-EFC63D8CC4BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action."
},
{
"lang": "es",
"value": "Vulnerabilidad de lista negra incompleta en main/manager.c en Asterisk Open Source v1.8.x antes de v1.8.15.1 y v10.x antes de v10.7.1, Certified Asterisk v1.8.11-8.1.11 antes de cert6, Digiumphones Asterisk v10.xx-digiumphones antes de v10.7.1-digiumphones y Asterisk Business Edition C.3.x antes de C.3.7.6 permite a usuarios remotos autenticados ejecutar comandos de su elecci\u00f3n aprovech\u00e1ndose de los privilegios de origen y proporcionando un valor ExternalIVR en una acci\u00f3n IAM Originate.\r\n"
}
],
"id": "CVE-2012-2186",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-31T14:55:00.950",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-012.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/50687"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/50756"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.debian.org/security/2012/dsa-2550"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id?1027460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/50687"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/50756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027460"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-10-21 10:55
Modified
2025-04-11 00:51
Severity ?
Summary
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.digium.com/pub/security/AST-2011-012.html | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/46420 | ||
| cve@mitre.org | http://securityreason.com/securityalert/8478 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/520141/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/50177 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1026191 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/70706 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.digium.com/pub/security/AST-2011-012.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46420 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/8478 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/520141/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/50177 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026191 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/70706 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | open_source | 1.8.7 | |
| asterisk | open_source | 10.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AA9DBB3-1008-4CC8-B81B-991F286A6C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DD2B8E-6AB1-45CD-85F5-E0F5234585BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request."
},
{
"lang": "es",
"value": "chan_sip.c en el driver de canal SIP de Asterisk Open Source v1.8.x antes de v1.8.7.1 y v10.x antes de v10.0.0-rc1 no inicializa correctamente las variables durante el an\u00e1lisis de la petici\u00f3n, lo que permite provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a usuarios remotos autenticados mediante una solicitud mal formada."
}
],
"id": "CVE-2011-4063",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-10-21T10:55:03.927",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.digium.com/pub/security/AST-2011-012.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/46420"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/8478"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/520141/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/50177"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026191"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.digium.com/pub/security/AST-2011-012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8478"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/520141/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70706"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-20 00:44
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x before 1.0.2; Appliance Developer Kit before 1.4 revision 109393; and s800i 1.0.x before 1.1.0.2; allows remote attackers to access the SIP channel driver via a crafted From header.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.digium.com/pub/security/AST-2008-003.html | Patch | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html | ||
| cve@mitre.org | http://secunia.com/advisories/29426 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29456 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29470 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29782 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29957 | Vendor Advisory | |
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200804-13.xml | ||
| cve@mitre.org | http://securitytracker.com/id?1019629 | ||
| cve@mitre.org | http://www.asterisk.org/node/48466 | ||
| cve@mitre.org | http://www.debian.org/security/2008/dsa-1525 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/489818/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/28310 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/0928 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/41308 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.digium.com/pub/security/AST-2008-003.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29426 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29456 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29470 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29782 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29957 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200804-13.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1019629 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.asterisk.org/node/48466 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1525 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/489818/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/28310 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0928 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/41308 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | asterisk | a | |
| asterisk | asterisk | b.1.3.2 | |
| asterisk | asterisk | b.1.3.3 | |
| asterisk | asterisk | b.2.2.0 | |
| asterisk | asterisk | b.2.2.1 | |
| asterisk | asterisk | b.2.3.1 | |
| asterisk | asterisk | b.2.3.2 | |
| asterisk | asterisk | b.2.3.3 | |
| asterisk | asterisk | b.2.3.4 | |
| asterisk | asterisk | b.2.3.5 | |
| asterisk | asterisk | b.2.3.6 | |
| asterisk | asterisk | c.1.0_beta7 | |
| asterisk | asterisk | c.1.0_beta8 | |
| asterisk | asterisk | c.1.6 | |
| asterisk | asterisk | c.1.6.1 | |
| asterisk | asterisk_appliance_developer_kit | * | |
| asterisk | asterisk_appliance_developer_kit | 0.2 | |
| asterisk | asterisk_appliance_developer_kit | 0.3 | |
| asterisk | asterisk_appliance_developer_kit | 0.4 | |
| asterisk | asterisk_appliance_developer_kit | 0.5 | |
| asterisk | asterisk_appliance_developer_kit | 0.6 | |
| asterisk | asterisk_appliance_developer_kit | 0.6.0 | |
| asterisk | asterisk_appliance_developer_kit | 0.7 | |
| asterisk | asterisk_appliance_developer_kit | 0.8 | |
| asterisk | asterisk_appliance_developer_kit | 1.3 | |
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisk_business_edition | * | |
| asterisk | asterisknow | * | |
| asterisk | asterisknow | 1.0 | |
| asterisk | open_source | * | |
| asterisk | open_source | * | |
| asterisk | open_source | * | |
| asterisk | open_source | 1.0 | |
| asterisk | open_source | 1.0.0 | |
| asterisk | open_source | 1.0.1 | |
| asterisk | open_source | 1.0.2 | |
| asterisk | open_source | 1.0.3 | |
| asterisk | open_source | 1.0.3.4 | |
| asterisk | open_source | 1.0.4 | |
| asterisk | open_source | 1.0.5 | |
| asterisk | open_source | 1.0.6 | |
| asterisk | open_source | 1.0.7 | |
| asterisk | open_source | 1.0.8 | |
| asterisk | open_source | 1.0.9 | |
| asterisk | open_source | 1.0.11 | |
| asterisk | open_source | 1.0.11.1 | |
| asterisk | open_source | 1.0.12 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0beta2 | |
| asterisk | open_source | 1.2.1 | |
| asterisk | open_source | 1.2.2 | |
| asterisk | open_source | 1.2.3 | |
| asterisk | open_source | 1.2.4 | |
| asterisk | open_source | 1.2.5 | |
| asterisk | open_source | 1.2.6 | |
| asterisk | open_source | 1.2.7 | |
| asterisk | open_source | 1.2.7.1 | |
| asterisk | open_source | 1.2.8 | |
| asterisk | open_source | 1.2.9 | |
| asterisk | open_source | 1.2.9.1 | |
| asterisk | open_source | 1.2.10 | |
| asterisk | open_source | 1.2.11 | |
| asterisk | open_source | 1.2.12 | |
| asterisk | open_source | 1.2.12.1 | |
| asterisk | open_source | 1.2.13 | |
| asterisk | open_source | 1.2.14 | |
| asterisk | open_source | 1.2.15 | |
| asterisk | open_source | 1.2.16 | |
| asterisk | open_source | 1.2.17 | |
| asterisk | open_source | 1.2.18 | |
| asterisk | open_source | 1.2.19 | |
| asterisk | open_source | 1.2.20 | |
| asterisk | open_source | 1.2.21 | |
| asterisk | open_source | 1.2.21.1 | |
| asterisk | open_source | 1.2.22 | |
| asterisk | open_source | 1.2.23 | |
| asterisk | open_source | 1.2.24 | |
| asterisk | open_source | 1.2.25 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.1 | |
| asterisk | open_source | 1.4.10 | |
| asterisk | open_source | 1.4.10.1 | |
| asterisk | open_source | 1.4.11 | |
| asterisk | open_source | 1.4.12 | |
| asterisk | open_source | 1.4.12.1 | |
| asterisk | open_source | 1.4.13 | |
| asterisk | open_source | 1.4.14 | |
| asterisk | open_source | 1.4.15 | |
| asterisk | open_source | 1.4.16 | |
| asterisk | open_source | 1.4.16.1 | |
| asterisk | open_source | 1.4.16.2 | |
| asterisk | open_source | 1.4.18 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | s800i | * | |
| asterisk | s800i | 1.0 | |
| asterisk | s800i | 1.0.1 | |
| asterisk | s800i | 1.0.2 | |
| asterisk | s800i | 1.0.3 | |
| asterisk | s800i | 1.0.3.3 | |
| asterisk | s800i | 1.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk:a:*:business:*:*:*:*:*",
"matchCriteriaId": "C6702046-43CF-4C84-9F76-24716C9F7D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.1.3.2:*:business:*:*:*:*:*",
"matchCriteriaId": "524CF00B-1B36-4C1F-80B4-28349891669B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.1.3.3:*:business:*:*:*:*:*",
"matchCriteriaId": "2942FA48-42CE-4E67-A5BF-7852652EDE28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.2.0:*:business:*:*:*:*:*",
"matchCriteriaId": "4160A834-9194-474C-819B-60627E470D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.2.1:*:business:*:*:*:*:*",
"matchCriteriaId": "D81F6E55-80F1-4770-9FF0-305EEEF3C4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.3.1:*:business:*:*:*:*:*",
"matchCriteriaId": "087DC9EC-0DF2-48AE-BB62-8DDF95C3EC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.3.2:*:business:*:*:*:*:*",
"matchCriteriaId": "471032A5-5EB6-44D1-91C8-BEA42C1E205A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.3.3:*:business:*:*:*:*:*",
"matchCriteriaId": "6FEB3FCA-065E-4C32-A4C7-F2C79F214F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.3.4:*:business:*:*:*:*:*",
"matchCriteriaId": "636D765F-C47B-4762-9419-D7B51FA38AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.3.5:*:business:*:*:*:*:*",
"matchCriteriaId": "36F29EE8-E05F-4F0A-B0FA-66C551856C3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:b.2.3.6:*:business:*:*:*:*:*",
"matchCriteriaId": "CEAA72FE-E13C-4363-AF5C-7D1CEEE2FA77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.0_beta7:*:business:*:*:*:*:*",
"matchCriteriaId": "D0A87D63-35F5-47D7-893B-E8B179B16C3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.0_beta8:*:business:*:*:*:*:*",
"matchCriteriaId": "95C1809E-9031-483F-B873-160284FA71D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.6:*:business:*:*:*:*:*",
"matchCriteriaId": "E35C336A-A786-476B-8B9F-E682D999B6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk:c.1.6.1:*:business:*:*:*:*:*",
"matchCriteriaId": "8121721B-EBC6-44EA-86D6-7B0FF1C8FF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF22BFB-2B22-4FBE-AE35-D7BC2A461865",
"versionEndIncluding": "1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C05B437-C292-4AA0-8AFE-1CA07CD80034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0102C4C0-1A7D-4AB7-9817-44E6B0DB761E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "81DDF486-4185-48EE-869E-0AA6726C31F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CF45A8E1-F6B1-42BD-9168-12062FA6EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C5757B9B-2759-439A-9A6D-CCDD6C8C8940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4548D39-0562-4946-AA51-A7C1A31AEE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FCD71268-EAA2-477B-8AC4-DE4853A262B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "529B2115-A191-4F3F-8F8C-A38B7C45463A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B76EFDCA-20EC-4C62-A0AD-CBD317D69441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4EC98BF-00C0-48F5-ADFA-DB8AC6E95F3A",
"versionEndIncluding": "a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E140B81-4528-4BCC-AE60-B91DD4B2C9FE",
"versionEndIncluding": "b.2.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E8CF6B9-050B-426B-86FC-8A32E8C09A68",
"versionEndIncluding": "c.1.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7C58E6B-AECC-48AF-8059-61772690776A",
"versionEndIncluding": "1.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6FE17C-3B08-4675-9F73-5DC0C2438BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A66DC4A6-290C-48ED-A0F8-8DC05EA0AAC6",
"versionEndIncluding": "1.2.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CEDD6A3-13B1-4553-8BAD-93DB5203F3B6",
"versionEndIncluding": "1.4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:*:rc-2:*:*:*:*:*:*",
"matchCriteriaId": "F4AB8D8F-15AC-4516-85A2-B5D2B5B3DF04",
"versionEndIncluding": "1.4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "678DB154-4363-42FF-8B28-367923FC6595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F2C378-FF0E-4765-9F66-625C4064D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A55A9295-F632-4856-90A1-38371EB98589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7FAE6AF1-884D-41F7-B174-9E13C7719C99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA9E35B-9A6B-42F2-9315-9C7D09F62227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "89B1F293-4F0F-48FD-A1F1-1230B94D87D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF7EC20-A424-45E5-B7E4-3CC86075858C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C790E105-55C8-4CDC-9FA8-E1FF6F130A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44C860EF-2B29-4995-B942-000CC43FDD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1ADB80EF-C724-44BA-88FC-24087799D0C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "78B39BE8-7E2D-42DF-8633-44CAD5662777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F39036E3-0027-4C72-9DEB-9A6E2B4512C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A037E6F9-3EF7-4EEB-AC16-081421BCE40D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7EC02A-9C9E-4589-BBB3-1908D3078A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6C70FA9C-6F3B-4BDF-97FB-81D06AB0EE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7971E1-F136-4ADC-95EC-BC4F92E838CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E62D108C-862D-4BDB-BE37-285AA4C9C59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "CF1422F3-829D-498C-83A6-02989DFB70A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CBEB9D69-A404-4053-92F9-CAC3481AFF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B2F43B-8B69-4BF6-86B7-A225175FF068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27202966-2C41-4964-9497-1887D2A834C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1471B5A2-15BE-4E7C-BA49-2E6002F7C8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7108D72F-5AFD-4EEF-B2A9-CA4FA792E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "107DA2D8-FE7C-4B70-856D-43D58B988694",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD71DD9-8A15-45E2-9FB3-F0544D7E1B80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5C14614F-4E27-40A6-9E56-2B1DBB10330B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7A2F2F5A-66FD-4057-917C-66332A88D83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "399B0206-B48B-46EF-8CA6-A6E5A2550B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "26E9760F-C0EB-47BB-8DA4-CC7815099DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4C510A9A-C3E2-4AF8-9919-1A22E918CDEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD915CD-A7D3-4305-A6C0-290C648A226C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9E79CCE5-C29B-4726-8D2F-BC20F70959BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F29C13DB-6F04-4B41-90A2-2408D70F3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4F734E-0E78-4957-B323-8E9FBA7FF15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4B117B-E945-4033-A79D-10DFAA3DF18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6D866F-8189-4FFD-AA24-47C0A015C246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EBFB79-C269-4132-BFAB-451F66CE8289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E1028E-2C07-4BA3-B891-FA853A87B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9E74F577-70BD-4FAF-BCFD-10CD21FC5601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "57BB03E2-E61C-4A94-82DF-8720698CE271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1B30A36F-5CE6-4246-8752-176FB5999C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F76DFD-4DAC-4B02-8967-B242CDEEF6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6A59BC20-3217-4584-9196-D1CD9E0D6B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "56F728BA-FC9E-4EEE-9A08-C9C7433BD8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C64DF29-5B3D-401E-885E-8E37FD577254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7BF52A-2FF8-40ED-B757-28A1101DE8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "7A321C2D-852B-4498-ADD6-79956410AB94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5F0DCF-C6A2-4A09-90C9-D70F174FDEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C820538E-14EC-43C1-80DB-6AAE4905EF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A6D8FD0-C8C1-4868-9AF1-96B1949C18AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72A840B4-216B-4063-997F-791FBC8C8658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "967DF432-DEF4-4FA2-8C8D-19A7FB663A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "40850BF4-E252-4667-9B46-9B6FEF6E997D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "1BB01DD1-B29B-4210-88CC-9ADB3148A410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "5C0FA6A3-BFA9-4397-B75B-75C8357C36B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "295D4042-2D3C-481B-B969-2DDAC1161198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "044FD0D0-FC92-4A01-B0D4-11A703EF21FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3477EC1A-9634-492C-B052-35770A9C9F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1C90F104-FA2C-4091-B149-1774AC982C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C9328768-7C08-4143-B5F8-F5C2D735D21A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C04E2B3-094B-4828-A2FC-BB66244A9F73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE3D31-4BB2-45A3-B085-8C91152A3152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0107D4-395E-45F1-B963-7618CCC007D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "53B8E11B-4984-45A8-A107-D276205988B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2495DB98-F923-4E60-86EC-2DBB7A98C90C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E186D125-996E-4900-A2B8-5CDC8B5D5136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27DC6CF7-4DF8-4472-A684-8CCB5E26FCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1A838577-2BA1-4792-8B69-6FB07FFD7727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C4FF0F09-0268-480F-A2F3-6F8C3F323EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1E04DC-AE6A-4536-8E45-36494E51B036",
"versionEndIncluding": "1.1.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C3A0A08-4107-4B8B-AE7E-DC23849A54DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9320928D-D83C-4258-AF62-AB2D1F50D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "569084D1-977D-41FC-A444-0B3F5199DDD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "02D182FB-761C-4F08-A776-B613FAC55230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C9046D49-6878-4571-8B9E-2FBD5BA80D19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:s800i:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B5EDAB-61DD-4864-A159-39292D339DA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x before 1.0.2; Appliance Developer Kit before 1.4 revision 109393; and s800i 1.0.x before 1.1.0.2; allows remote attackers to access the SIP channel driver via a crafted From header."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Asterisk Open Source versiones 1.2.x anteriores a 1.2.27, 1.4.x anteriores a 1.4.18.1 y 1.4.19-rc3; en Business Edition versiones A.x.x, B.x.x anteriores a B.2.5.1, y C.x.x anteriores a C.1.6.2; en AsteriskNOW versiones 1.0.x anteriores a 1.0.2; Appliance Developer Kit anteriores a 1.4 revisi\u00f3n 109393; y s800i versiones 1.0.x anteriores a 1.1.0.2 permite a atacantes remotos acceder al controlador del canal SIP mediante la utilizaci\u00f3n de una cabecera From especialmente construida."
}
],
"id": "CVE-2008-1332",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 8.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-03-20T00:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-003.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29426"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29456"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29470"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29782"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29957"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200804-13.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019629"
},
{
"source": "cve@mitre.org",
"url": "http://www.asterisk.org/node/48466"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/489818/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28310"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41308"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://downloads.digium.com/pub/security/AST-2008-003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29957"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200804-13.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.asterisk.org/node/48466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/489818/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28310"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-30 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
Heap-based buffer overflow in chan_skinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 allows remote authenticated users to cause a denial of service or possibly have unspecified other impact via a series of KEYPAD_BUTTON_MESSAGE events.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.asterisk.org/pub/security/AST-2012-005.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html | ||
| cve@mitre.org | http://osvdb.org/81455 | ||
| cve@mitre.org | http://secunia.com/advisories/48891 | ||
| cve@mitre.org | http://secunia.com/advisories/48941 | ||
| cve@mitre.org | http://www.debian.org/security/2012/dsa-2460 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/53210 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1026962 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/75102 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.asterisk.org/pub/security/AST-2012-005.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/81455 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48891 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48941 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2460 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/53210 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026962 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/75102 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.1 | |
| asterisk | open_source | 1.6.2.1 | |
| asterisk | open_source | 1.6.2.2 | |
| asterisk | open_source | 1.6.2.3 | |
| asterisk | open_source | 1.6.2.4 | |
| asterisk | open_source | 1.6.2.5 | |
| asterisk | open_source | 1.6.2.6 | |
| asterisk | open_source | 1.6.2.6 | |
| asterisk | open_source | 1.6.2.6 | |
| asterisk | open_source | 1.6.2.7 | |
| asterisk | open_source | 1.6.2.7 | |
| asterisk | open_source | 1.6.2.7 | |
| asterisk | open_source | 1.6.2.7 | |
| asterisk | open_source | 1.6.2.8 | |
| asterisk | open_source | 1.6.2.8 | |
| asterisk | open_source | 1.6.2.9 | |
| asterisk | open_source | 1.6.2.9 | |
| asterisk | open_source | 1.6.2.9 | |
| asterisk | open_source | 1.6.2.9 | |
| asterisk | open_source | 1.6.2.10 | |
| asterisk | open_source | 1.6.2.10 | |
| asterisk | open_source | 1.6.2.10 | |
| asterisk | open_source | 1.6.2.11 | |
| asterisk | open_source | 1.6.2.11 | |
| asterisk | open_source | 1.6.2.11 | |
| asterisk | open_source | 1.6.2.12 | |
| asterisk | open_source | 1.6.2.12 | |
| asterisk | open_source | 1.6.2.13 | |
| asterisk | open_source | 1.6.2.14 | |
| asterisk | open_source | 1.6.2.14 | |
| asterisk | open_source | 1.6.2.15 | |
| asterisk | open_source | 1.6.2.15 | |
| asterisk | open_source | 1.6.2.15.1 | |
| asterisk | open_source | 1.6.2.16 | |
| asterisk | open_source | 1.6.2.16 | |
| asterisk | open_source | 1.6.2.16.1 | |
| asterisk | open_source | 1.6.2.16.2 | |
| asterisk | open_source | 1.6.2.17 | |
| asterisk | open_source | 1.6.2.17 | |
| asterisk | open_source | 1.6.2.17 | |
| asterisk | open_source | 1.6.2.17 | |
| asterisk | open_source | 1.6.2.17.1 | |
| asterisk | open_source | 1.6.2.17.2 | |
| asterisk | open_source | 1.6.2.17.3 | |
| asterisk | open_source | 1.6.2.18 | |
| asterisk | open_source | 1.6.2.18 | |
| asterisk | open_source | 1.6.2.18.1 | |
| asterisk | open_source | 1.6.2.18.2 | |
| asterisk | open_source | 1.6.2.19 | |
| asterisk | open_source | 1.6.2.19 | |
| asterisk | open_source | 1.6.2.20 | |
| asterisk | open_source | 1.6.2.21 | |
| asterisk | open_source | 1.6.2.22 | |
| asterisk | open_source | 1.6.2.23 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1.1 | |
| asterisk | open_source | 1.8.1.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2.1 | |
| asterisk | open_source | 1.8.2.2 | |
| asterisk | open_source | 1.8.2.3 | |
| asterisk | open_source | 1.8.2.4 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3.1 | |
| asterisk | open_source | 1.8.3.2 | |
| asterisk | open_source | 1.8.3.3 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4.1 | |
| asterisk | open_source | 1.8.4.2 | |
| asterisk | open_source | 1.8.4.3 | |
| asterisk | open_source | 1.8.4.4 | |
| asterisk | open_source | 1.8.5 | |
| asterisk | open_source | 1.8.5.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.1 | |
| asterisk | open_source | 1.8.7.2 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.1 | |
| asterisk | open_source | 1.8.8.2 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.1 | |
| asterisk | open_source | 1.8.9.2 | |
| asterisk | open_source | 1.8.9.3 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.1 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.1 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.1 | |
| asterisk | open_source | 10.1.2 | |
| asterisk | open_source | 10.1.3 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.1 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1442DC6C-2248-41E7-BDB4-084B123A6B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F1A4AAE7-00D5-490B-AA19-A42508ECBC8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DC64764B-C531-419C-8BB8-30C5F63C7EA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "7A5F9E61-B614-4C47-82AC-D16B457C266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "20FE8D05-A577-4EEC-ABBA-8051582975F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "4A216714-9F2B-45D7-B2A7-1F67751EA967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc7:*:*:*:*:*:*",
"matchCriteriaId": "42417475-610C-4A81-8B02-794640F8DDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc8:*:*:*:*:*:*",
"matchCriteriaId": "5A259435-BBB8-453B-82D3-2E4EE3BD9371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5834D5D3-F6FD-44C0-B7C1-34D715141A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F894080-DE73-4005-B2FE-E431F38D7EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F70BA9D-6EDA-4859-90D1-EB69B48C2B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "33428429-33B5-4312-97E3-9A4B8A8F4C55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6E2126-B737-4C88-A66A-B88CB16476D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E6992A-73EB-401D-A905-D53313F28727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3345E-4260-4636-83DB-887F0733D7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "95C61533-C030-4B97-A94C-E44315BB6FCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.6:rc2:*:*:*:*:*:*",
"matchCriteriaId": "91D670A7-2D38-4C50-96C2-3F3CA0F43515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39C637DF-5963-4C7C-8EF1-9A44E94AFE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8452C108-EF47-4C57-A505-D5B5AD5B1C79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "40411DE4-CBDB-40D2-95A2-800EB554D1D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "519DF434-8CF5-4F5E-80EF-4BBDA94DCD0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A5DD7471-1DA5-44EC-BD21-B0E0BFC58B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9520C54-8FD9-45FC-B64F-4E06D7E3E66B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9226B072-E5CF-40F7-B48D-8982054D1D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "AC3B7AB5-FDC5-4175-B519-F749BE62AF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E7CA9765-F31C-41CF-9911-02E4309715E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A7A94C77-0762-45E8-9869-98D0E5F164E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6F0D2EE6-EDB9-4A0C-B31E-0B941DB912D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FDC7A9FA-5424-4A04-94D2-079FAF09BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "952F6925-EE1F-49EC-84A6-53A1A375FDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "83E972B3-9787-47C9-9420-C66AE9C48CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F90ABE6-6B41-49BD-84BA-69A7BFEC23E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5C76827E-FA7E-42D3-A8E0-12566B461AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C35260-7A25-4259-B158-D5F825DB881B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16F66401-3A90-440F-88FD-C738806D168F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E323B610-AC45-4D24-87B9-0092AA9EFF39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "DA54B75D-08C0-4182-8345-266240396A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7B9A8A55-2D6B-4434-BBD1-C7D80D0132C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDA8DC8-7299-4DC5-9426-524F6EEF75F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "37C926F8-EC9F-49DD-8490-621843D41946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4795C86-CC4A-462A-B87A-FD32EA2889C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C03CED60-D582-493B-8D7C-FB3CB81D3647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8FFBAFC0-B9C6-40F3-B7EF-DE6F23F8D644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35358757-6A14-48A0-BE40-B05F9A7451A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9B2CD0-0C61-4C9C-8B42-EA64D22BBE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "13D262E7-7A67-4622-8416-748519C80CDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E0DCFB72-505A-486E-A096-87AB639F4710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C44F91FC-DC0C-4BB9-9FD0-1C7AAEA3D150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0316776E-CD3B-4DEF-ABCA-5806A398E327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6E83FA56-DC43-4E3F-B9EB-136DE64E78A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5646D4C3-8491-4735-97A6-26688523512F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17.3:*:*:*:*:*:*:*",
"matchCriteriaId": "90F7E035-9464-4921-8859-5854D47347B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE2F8D1-EC83-4CD8-A565-F59DCEC71120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.18:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4B763606-23A8-4159-9ECF-0766B13E8200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA56E892-06D2-496A-ADFD-CBEC70DA1E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.18.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF01FF3C-5BA1-4758-97B4-633A20AB4C00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7A201AA6-B612-476C-9555-870B58FE3169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B7889CE9-E2AB-4590-B447-ACCB21CB8E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "981A63D1-B6E2-4A38-8FB6-883E08BCE12F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF33946-9E1F-4992-BA76-46227BDC1885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "03FB9FF6-100C-4643-9E34-9EC43F214C90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "4A30A7DF-2754-4C03-92F7-0028613C7165",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE48FBD-2560-4477-ABD2-C90729523BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "97F03C40-6B70-41D1-96CF-DD5F2924D0C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "B8F0B6E3-37B8-4780-BB17-D471A7AB7E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "445941A9-EE2C-45C0-BCEB-9EC7F9F9439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7C60A84B-E0BC-491B-B6E6-76E658BB91EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "035B04BC-C132-4CF6-9FE4-561A4104F392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE6A2723-FAE7-4A87-A2A3-E94D9CC2DCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "37612FE6-C8B7-4925-81F5-ADB82A8F101E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "92181940-ED5C-442C-82BA-4F0F233FB11B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "28EEF1DB-00C6-4DFC-BB48-C4A308F60DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67CE3E94-341F-4D0C-937E-39B119925C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5C721635-2801-40E8-B5FE-734054D718D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93F81ACF-615F-4EF5-BD73-74F4010B43D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D773468A-4C2D-4B88-BAB6-C2D892A304C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15ED9311-9E4E-4998-BD99-CDEB8E4F2C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "815F7045-FC6D-4D57-A7AE-F63B0FC67251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56BAE9D7-7A67-40D0-B864-66E76EBA5A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B82FFB08-0FCD-4839-95F4-97C09EB7E921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10C54588-265A-4955-8C73-38ADB664EF0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D84681-F861-49BE-832F-20EBAD3B60C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2313F843-0F74-4FC9-92A2-1F721BB4C490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "09918CFC-C6A0-45ED-91EA-A4D9295C6CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "23E24161-31DB-4739-B16D-B0BDF5151307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E28DAA35-FBC2-4C87-BC1F-396A0FE86C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5E4B4F-49B7-41CB-803B-47A0081C3112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27D37142-F88C-42DE-A0FD-B17AB7981963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A5BD7C-3491-456A-A333-481977280F5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F7AFBC1D-7357-4A20-BF9D-C5B58155DAAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C85B74B6-EA5C-43C1-98C4-B09C41D9D8CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "12711E11-F6CF-4A61-83FD-AD3748D7C47B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86E83CDF-E3B5-48A8-B526-67A1618B97AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C8B329-AC4C-46E5-BAC3-B2B72C16A453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5A81245B-0276-4D51-A3B4-9CC7233C9A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC30C27-32BD-42A9-814E-123BD18F416B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "676BA331-833E-4C8B-A523-2116752567B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A7D38CAA-BECD-4FD7-8E42-72CB2B1DC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F211C14-8E50-4FB7-82EA-FE6975290DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0698EDFB-D156-4572-9008-0243FA6FD2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16350161-9CF1-4AD3-954C-598D249CF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "24EB6F7B-AD3C-42A2-B811-3CF3EEDD8438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "7AC55C54-7AD7-49BE-A050-DC6878391208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B208EBB-0387-4223-A196-CE142E6B908B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "095BF874-0E0B-4F8F-8A11-ED096DD3A824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4067E71D-93A8-4B56-AE4A-FCB6E31577E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D301553-EF77-4494-A893-FDC12E6A8C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35362678-3960-40E0-BB94-4642F09DDB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "779DEAC5-CBC7-4844-9A2E-97AEB49704EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "913D2C84-B987-4DEE-8F9E-0FDF14BECE2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "63889FD0-714B-4E02-8F34-00E4857A544A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A15B538D-DC9D-46B4-A455-341E8A2831E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8FE32479-5D98-443F-8FA9-F6281726BDF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "78841A3E-7D56-4737-9815-E1144FD0A44A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6CE8D88-E407-4E9F-8418-E95C16A55358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDEDE38-79FE-4B21-BE42-E8AA14475AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC295454-D897-425C-BFC8-91A72865A132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3830A3E2-09A1-487E-8EFA-27F8B4C61CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CAC942FB-83A2-4698-B410-F4C6AED0849A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86ED40AD-0A52-4B4C-B4CA-F8D1A4CAF866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7128AC5-5DD7-4BD3-B14C-4ADA155DD5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2C32DA-44CE-4407-84B2-02B0D0474000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B032B5-06AB-4ABE-B51E-DE5C13458C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07FC62DE-74D3-42A9-94E8-6DCE62F3D2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39E78E52-2AA4-42A5-9CE6-22DF2CF01704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3DF04D4C-DFED-4E71-BA0C-854823BB41CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "518A8882-B1A6-408E-9B39-F01034A50190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2EBBB850-2AE6-4EC1-993F-AD7AF2E80008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F33168AF-A3FB-4694-9DC8-CC28A7C3B3E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6880B042-11B1-430F-90A1-70F93FC5BAF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0F074B06-6788-47AB-8C39-BA5E2E39ACC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DD2B8E-6AB1-45CD-85F5-E0F5234585BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "52BDDAC0-5CEE-4054-8930-EAF25FE528FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1CEB28DD-EAEA-45AF-8D7B-09E93AFABA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "12BCF63F-DA77-48A1-861D-F6E710E3CA16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AD0D03FF-3FF6-40D0-A78E-CBDEA4FE4F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "66666CD2-8921-4641-AD72-21F4386DC731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E55A7B81-4661-4E77-94FE-DA8D6261DC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C549DD5-68F9-44FC-92B9-09A0E6F87315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "51407A8B-AF19-43FA-8D57-A6A35D465D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "911CCAF6-6E29-43B6-AF76-909016CD46ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "964672AE-C840-465E-BE8A-8E19D9C060AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "48827211-8F2F-4801-A5CD-77B07D1DD320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2463AD2-B341-494C-87AF-73B69B75D162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B46E218-9EFA-4224-BC5D-1A2F38559E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6F1F43E8-6159-46FA-8BF5-360EA9D466BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F75E0A69-9251-4CE1-9E83-188F0D35DEFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "17E6BD3C-B88D-4C80-B77F-2A95767B9A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3AC1C9EC-A84F-401B-BF59-F4938B6A2F59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5DACA8-EBD6-4854-A32E-EDBD8C28B3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6AB0DE5-0843-4A7A-A1C9-2FD7924FBEDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "335F9C06-5E40-4E14-B018-15151E14414D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9E8F15FB-C6B5-4A4F-A7AD-E2BF0162D1DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in chan_skinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 allows remote authenticated users to cause a denial of service or possibly have unspecified other impact via a series of KEYPAD_BUTTON_MESSAGE events."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en chan_skinny.c en el driver Skinny en Asterisk Open Source v1.6.2.x anterior a v1.6.2.24, v1.8.x anterior a v1.8.11.1, y v10.x anterior a v10.3.1, permite a atacantes remotos causar una denegaci\u00f3n de servicio (cuelgue) o tener otro impacto no especificado mediante una serie de eventos KEYPAD_BUTTON_MESSAGE"
}
],
"id": "CVE-2012-2415",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-30T20:55:02.657",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-005.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/81455"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48891"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48941"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2012/dsa-2460"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/53210"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026962"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/81455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75102"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-30 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to execute arbitrary commands via (1) the originate action in the MixMonitor application, (2) the SHELL and EVAL functions in the GetVar manager action, or (3) the SHELL and EVAL functions in the Status manager action.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.asterisk.org/pub/security/AST-2012-004.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html | ||
| cve@mitre.org | http://osvdb.org/81454 | ||
| cve@mitre.org | http://secunia.com/advisories/48891 | ||
| cve@mitre.org | http://secunia.com/advisories/48941 | ||
| cve@mitre.org | http://www.debian.org/security/2012/dsa-2460 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/53206 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1026961 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/75100 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.asterisk.org/pub/security/AST-2012-004.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/81454 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48891 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48941 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2460 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/53206 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026961 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/75100 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.0 | |
| asterisk | open_source | 1.6.2.1 | |
| asterisk | open_source | 1.6.2.1 | |
| asterisk | open_source | 1.6.2.2 | |
| asterisk | open_source | 1.6.2.3 | |
| asterisk | open_source | 1.6.2.4 | |
| asterisk | open_source | 1.6.2.5 | |
| asterisk | open_source | 1.6.2.6 | |
| asterisk | open_source | 1.6.2.6 | |
| asterisk | open_source | 1.6.2.6 | |
| asterisk | open_source | 1.6.2.7 | |
| asterisk | open_source | 1.6.2.7 | |
| asterisk | open_source | 1.6.2.7 | |
| asterisk | open_source | 1.6.2.7 | |
| asterisk | open_source | 1.6.2.8 | |
| asterisk | open_source | 1.6.2.8 | |
| asterisk | open_source | 1.6.2.9 | |
| asterisk | open_source | 1.6.2.9 | |
| asterisk | open_source | 1.6.2.9 | |
| asterisk | open_source | 1.6.2.9 | |
| asterisk | open_source | 1.6.2.10 | |
| asterisk | open_source | 1.6.2.10 | |
| asterisk | open_source | 1.6.2.10 | |
| asterisk | open_source | 1.6.2.11 | |
| asterisk | open_source | 1.6.2.11 | |
| asterisk | open_source | 1.6.2.11 | |
| asterisk | open_source | 1.6.2.12 | |
| asterisk | open_source | 1.6.2.12 | |
| asterisk | open_source | 1.6.2.13 | |
| asterisk | open_source | 1.6.2.14 | |
| asterisk | open_source | 1.6.2.14 | |
| asterisk | open_source | 1.6.2.15 | |
| asterisk | open_source | 1.6.2.15 | |
| asterisk | open_source | 1.6.2.15.1 | |
| asterisk | open_source | 1.6.2.16 | |
| asterisk | open_source | 1.6.2.16 | |
| asterisk | open_source | 1.6.2.16.1 | |
| asterisk | open_source | 1.6.2.16.2 | |
| asterisk | open_source | 1.6.2.17 | |
| asterisk | open_source | 1.6.2.17 | |
| asterisk | open_source | 1.6.2.17 | |
| asterisk | open_source | 1.6.2.17 | |
| asterisk | open_source | 1.6.2.17.1 | |
| asterisk | open_source | 1.6.2.17.2 | |
| asterisk | open_source | 1.6.2.17.3 | |
| asterisk | open_source | 1.6.2.18 | |
| asterisk | open_source | 1.6.2.18 | |
| asterisk | open_source | 1.6.2.18.1 | |
| asterisk | open_source | 1.6.2.18.2 | |
| asterisk | open_source | 1.6.2.19 | |
| asterisk | open_source | 1.6.2.19 | |
| asterisk | open_source | 1.6.2.20 | |
| asterisk | open_source | 1.6.2.21 | |
| asterisk | open_source | 1.6.2.22 | |
| asterisk | open_source | 1.6.2.23 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1.1 | |
| asterisk | open_source | 1.8.1.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2.1 | |
| asterisk | open_source | 1.8.2.2 | |
| asterisk | open_source | 1.8.2.3 | |
| asterisk | open_source | 1.8.2.4 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3.1 | |
| asterisk | open_source | 1.8.3.2 | |
| asterisk | open_source | 1.8.3.3 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4.1 | |
| asterisk | open_source | 1.8.4.2 | |
| asterisk | open_source | 1.8.4.3 | |
| asterisk | open_source | 1.8.4.4 | |
| asterisk | open_source | 1.8.5 | |
| asterisk | open_source | 1.8.5.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.1 | |
| asterisk | open_source | 1.8.7.2 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.1 | |
| asterisk | open_source | 1.8.8.2 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.1 | |
| asterisk | open_source | 1.8.9.2 | |
| asterisk | open_source | 1.8.9.3 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.1 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.1 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.1 | |
| asterisk | open_source | 10.1.2 | |
| asterisk | open_source | 10.1.3 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.1 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1442DC6C-2248-41E7-BDB4-084B123A6B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F1A4AAE7-00D5-490B-AA19-A42508ECBC8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DC64764B-C531-419C-8BB8-30C5F63C7EA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "7A5F9E61-B614-4C47-82AC-D16B457C266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "20FE8D05-A577-4EEC-ABBA-8051582975F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "4A216714-9F2B-45D7-B2A7-1F67751EA967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc7:*:*:*:*:*:*",
"matchCriteriaId": "42417475-610C-4A81-8B02-794640F8DDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.0:rc8:*:*:*:*:*:*",
"matchCriteriaId": "5A259435-BBB8-453B-82D3-2E4EE3BD9371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5834D5D3-F6FD-44C0-B7C1-34D715141A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F894080-DE73-4005-B2FE-E431F38D7EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F70BA9D-6EDA-4859-90D1-EB69B48C2B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "33428429-33B5-4312-97E3-9A4B8A8F4C55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6E2126-B737-4C88-A66A-B88CB16476D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3E6992A-73EB-401D-A905-D53313F28727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3345E-4260-4636-83DB-887F0733D7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "95C61533-C030-4B97-A94C-E44315BB6FCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.6:rc2:*:*:*:*:*:*",
"matchCriteriaId": "91D670A7-2D38-4C50-96C2-3F3CA0F43515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "39C637DF-5963-4C7C-8EF1-9A44E94AFE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8452C108-EF47-4C57-A505-D5B5AD5B1C79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "40411DE4-CBDB-40D2-95A2-800EB554D1D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "519DF434-8CF5-4F5E-80EF-4BBDA94DCD0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A5DD7471-1DA5-44EC-BD21-B0E0BFC58B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9520C54-8FD9-45FC-B64F-4E06D7E3E66B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9226B072-E5CF-40F7-B48D-8982054D1D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "AC3B7AB5-FDC5-4175-B519-F749BE62AF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E7CA9765-F31C-41CF-9911-02E4309715E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A7A94C77-0762-45E8-9869-98D0E5F164E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6F0D2EE6-EDB9-4A0C-B31E-0B941DB912D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FDC7A9FA-5424-4A04-94D2-079FAF09BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "952F6925-EE1F-49EC-84A6-53A1A375FDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "83E972B3-9787-47C9-9420-C66AE9C48CDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F90ABE6-6B41-49BD-84BA-69A7BFEC23E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5C76827E-FA7E-42D3-A8E0-12566B461AC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C35260-7A25-4259-B158-D5F825DB881B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16F66401-3A90-440F-88FD-C738806D168F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E323B610-AC45-4D24-87B9-0092AA9EFF39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "DA54B75D-08C0-4182-8345-266240396A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7B9A8A55-2D6B-4434-BBD1-C7D80D0132C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "6EDA8DC8-7299-4DC5-9426-524F6EEF75F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "37C926F8-EC9F-49DD-8490-621843D41946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4795C86-CC4A-462A-B87A-FD32EA2889C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C03CED60-D582-493B-8D7C-FB3CB81D3647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8FFBAFC0-B9C6-40F3-B7EF-DE6F23F8D644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35358757-6A14-48A0-BE40-B05F9A7451A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9B2CD0-0C61-4C9C-8B42-EA64D22BBE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "13D262E7-7A67-4622-8416-748519C80CDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E0DCFB72-505A-486E-A096-87AB639F4710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C44F91FC-DC0C-4BB9-9FD0-1C7AAEA3D150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0316776E-CD3B-4DEF-ABCA-5806A398E327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6E83FA56-DC43-4E3F-B9EB-136DE64E78A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5646D4C3-8491-4735-97A6-26688523512F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.17.3:*:*:*:*:*:*:*",
"matchCriteriaId": "90F7E035-9464-4921-8859-5854D47347B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE2F8D1-EC83-4CD8-A565-F59DCEC71120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.18:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4B763606-23A8-4159-9ECF-0766B13E8200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA56E892-06D2-496A-ADFD-CBEC70DA1E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.18.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF01FF3C-5BA1-4758-97B4-633A20AB4C00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "7A201AA6-B612-476C-9555-870B58FE3169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B7889CE9-E2AB-4590-B447-ACCB21CB8E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "981A63D1-B6E2-4A38-8FB6-883E08BCE12F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF33946-9E1F-4992-BA76-46227BDC1885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "03FB9FF6-100C-4643-9E34-9EC43F214C90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.6.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "4A30A7DF-2754-4C03-92F7-0028613C7165",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE48FBD-2560-4477-ABD2-C90729523BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "97F03C40-6B70-41D1-96CF-DD5F2924D0C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "B8F0B6E3-37B8-4780-BB17-D471A7AB7E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "445941A9-EE2C-45C0-BCEB-9EC7F9F9439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7C60A84B-E0BC-491B-B6E6-76E658BB91EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "035B04BC-C132-4CF6-9FE4-561A4104F392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE6A2723-FAE7-4A87-A2A3-E94D9CC2DCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "37612FE6-C8B7-4925-81F5-ADB82A8F101E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "92181940-ED5C-442C-82BA-4F0F233FB11B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "28EEF1DB-00C6-4DFC-BB48-C4A308F60DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67CE3E94-341F-4D0C-937E-39B119925C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5C721635-2801-40E8-B5FE-734054D718D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93F81ACF-615F-4EF5-BD73-74F4010B43D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D773468A-4C2D-4B88-BAB6-C2D892A304C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15ED9311-9E4E-4998-BD99-CDEB8E4F2C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "815F7045-FC6D-4D57-A7AE-F63B0FC67251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56BAE9D7-7A67-40D0-B864-66E76EBA5A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B82FFB08-0FCD-4839-95F4-97C09EB7E921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10C54588-265A-4955-8C73-38ADB664EF0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D84681-F861-49BE-832F-20EBAD3B60C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2313F843-0F74-4FC9-92A2-1F721BB4C490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "09918CFC-C6A0-45ED-91EA-A4D9295C6CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "23E24161-31DB-4739-B16D-B0BDF5151307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E28DAA35-FBC2-4C87-BC1F-396A0FE86C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5E4B4F-49B7-41CB-803B-47A0081C3112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27D37142-F88C-42DE-A0FD-B17AB7981963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A5BD7C-3491-456A-A333-481977280F5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F7AFBC1D-7357-4A20-BF9D-C5B58155DAAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C85B74B6-EA5C-43C1-98C4-B09C41D9D8CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "12711E11-F6CF-4A61-83FD-AD3748D7C47B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86E83CDF-E3B5-48A8-B526-67A1618B97AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C8B329-AC4C-46E5-BAC3-B2B72C16A453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5A81245B-0276-4D51-A3B4-9CC7233C9A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC30C27-32BD-42A9-814E-123BD18F416B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "676BA331-833E-4C8B-A523-2116752567B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A7D38CAA-BECD-4FD7-8E42-72CB2B1DC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F211C14-8E50-4FB7-82EA-FE6975290DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0698EDFB-D156-4572-9008-0243FA6FD2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16350161-9CF1-4AD3-954C-598D249CF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "24EB6F7B-AD3C-42A2-B811-3CF3EEDD8438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "7AC55C54-7AD7-49BE-A050-DC6878391208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B208EBB-0387-4223-A196-CE142E6B908B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "095BF874-0E0B-4F8F-8A11-ED096DD3A824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4067E71D-93A8-4B56-AE4A-FCB6E31577E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D301553-EF77-4494-A893-FDC12E6A8C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35362678-3960-40E0-BB94-4642F09DDB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "779DEAC5-CBC7-4844-9A2E-97AEB49704EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "913D2C84-B987-4DEE-8F9E-0FDF14BECE2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "63889FD0-714B-4E02-8F34-00E4857A544A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A15B538D-DC9D-46B4-A455-341E8A2831E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8FE32479-5D98-443F-8FA9-F6281726BDF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "78841A3E-7D56-4737-9815-E1144FD0A44A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6CE8D88-E407-4E9F-8418-E95C16A55358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDEDE38-79FE-4B21-BE42-E8AA14475AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC295454-D897-425C-BFC8-91A72865A132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3830A3E2-09A1-487E-8EFA-27F8B4C61CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CAC942FB-83A2-4698-B410-F4C6AED0849A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86ED40AD-0A52-4B4C-B4CA-F8D1A4CAF866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7128AC5-5DD7-4BD3-B14C-4ADA155DD5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2C32DA-44CE-4407-84B2-02B0D0474000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B032B5-06AB-4ABE-B51E-DE5C13458C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07FC62DE-74D3-42A9-94E8-6DCE62F3D2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39E78E52-2AA4-42A5-9CE6-22DF2CF01704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3DF04D4C-DFED-4E71-BA0C-854823BB41CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "518A8882-B1A6-408E-9B39-F01034A50190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2EBBB850-2AE6-4EC1-993F-AD7AF2E80008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F33168AF-A3FB-4694-9DC8-CC28A7C3B3E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6880B042-11B1-430F-90A1-70F93FC5BAF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0F074B06-6788-47AB-8C39-BA5E2E39ACC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DD2B8E-6AB1-45CD-85F5-E0F5234585BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "52BDDAC0-5CEE-4054-8930-EAF25FE528FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1CEB28DD-EAEA-45AF-8D7B-09E93AFABA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "12BCF63F-DA77-48A1-861D-F6E710E3CA16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AD0D03FF-3FF6-40D0-A78E-CBDEA4FE4F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "66666CD2-8921-4641-AD72-21F4386DC731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E55A7B81-4661-4E77-94FE-DA8D6261DC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C549DD5-68F9-44FC-92B9-09A0E6F87315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "51407A8B-AF19-43FA-8D57-A6A35D465D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "911CCAF6-6E29-43B6-AF76-909016CD46ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "964672AE-C840-465E-BE8A-8E19D9C060AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "48827211-8F2F-4801-A5CD-77B07D1DD320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2463AD2-B341-494C-87AF-73B69B75D162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B46E218-9EFA-4224-BC5D-1A2F38559E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6F1F43E8-6159-46FA-8BF5-360EA9D466BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F75E0A69-9251-4CE1-9E83-188F0D35DEFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "17E6BD3C-B88D-4C80-B77F-2A95767B9A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3AC1C9EC-A84F-401B-BF59-F4938B6A2F59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5DACA8-EBD6-4854-A32E-EDBD8C28B3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6AB0DE5-0843-4A7A-A1C9-2FD7924FBEDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "335F9C06-5E40-4E14-B018-15151E14414D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9E8F15FB-C6B5-4A4F-A7AD-E2BF0162D1DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to execute arbitrary commands via (1) the originate action in the MixMonitor application, (2) the SHELL and EVAL functions in the GetVar manager action, or (3) the SHELL and EVAL functions in the Status manager action."
},
{
"lang": "es",
"value": "main/manager.c en el Manager Interface en Asterisk Open source v1.6.2.x anterior a v1.6.2.24, v1.8.x anterior a v1.8.11.1, y v10.x anterior a v10.3.1 y Asterisk Business Edition C.3.x anterior a C .3.7.4 no asegura adecuadamente los requisitos de autorizaci\u00f3n de la clase System, permitiendo a usuarios remotos autenticados ejecutar c\u00f3digo arbitrario a trav\u00e9s de (1) la acci\u00f3n origen en la aplicaci\u00f3n MixMonitor, (2) la SHELL y funciones EVAL en el gestor de acci\u00f3n GetVar, o (3) la SHELL y funciones EVAL en el gestor de acci\u00f3n Status."
}
],
"id": "CVE-2012-2414",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-30T20:55:02.607",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-004.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/81454"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48891"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48941"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2012/dsa-2460"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/53206"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026961"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2012-004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/81454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75100"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-07-24 15:41
Modified
2025-04-09 00:30
Severity ?
Summary
The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.digium.com/pub/security/AST-2008-011.html | ||
| cve@mitre.org | http://secunia.com/advisories/31178 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/31194 | ||
| cve@mitre.org | http://secunia.com/advisories/34982 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200905-01.xml | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/494676/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/30350 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1020536 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/2168/references | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/43955 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00839.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.digium.com/pub/security/AST-2008-011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31178 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31194 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34982 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200905-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/494676/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/30350 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1020536 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2168/references | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/43955 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00839.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | s800i_appliance | 1.0 | |
| asterisk | s800i_appliance | 1.0.1 | |
| asterisk | s800i_appliance | 1.0.2 | |
| asterisk | s800i_appliance | 1.0.3 | |
| asterisk | asterisk_appliance_developer_kit | 0.2 | |
| asterisk | asterisk_appliance_developer_kit | 0.3 | |
| asterisk | asterisk_appliance_developer_kit | 0.4 | |
| asterisk | asterisk_appliance_developer_kit | 0.5 | |
| asterisk | asterisk_appliance_developer_kit | 0.6 | |
| asterisk | asterisk_appliance_developer_kit | 0.6.0 | |
| asterisk | asterisk_appliance_developer_kit | 0.7 | |
| asterisk | asterisk_appliance_developer_kit | 0.8 | |
| asterisk | asterisk_business_edition | a | |
| asterisk | asterisk_business_edition | b | |
| asterisk | asterisk_business_edition | b.1.3.2 | |
| asterisk | asterisk_business_edition | b.1.3.3 | |
| asterisk | asterisk_business_edition | b.2.2.0 | |
| asterisk | asterisk_business_edition | b.2.2.1 | |
| asterisk | asterisk_business_edition | b.2.3.1 | |
| asterisk | asterisk_business_edition | b.2.3.2 | |
| asterisk | asterisk_business_edition | b.2.3.3 | |
| asterisk | asterisk_business_edition | b.2.3.4 | |
| asterisk | asterisk_business_edition | b.2.3.6 | |
| asterisk | asterisk_business_edition | b.2.5.0 | |
| asterisk | asterisk_business_edition | b.2.5.3 | |
| asterisk | asterisk_business_edition | b2.5.1 | |
| asterisk | asterisk_business_edition | b2.5.2 | |
| asterisk | asterisk_business_edition | c | |
| asterisk | asterisk_business_edition | c.1.0-beta7 | |
| asterisk | asterisk_business_edition | c.1.0-beta8 | |
| asterisk | asterisk_business_edition | c.1.6 | |
| asterisk | asterisk_business_edition | c.1.6.1 | |
| asterisk | asterisk_business_edition | c.1.6.2 | |
| asterisk | asterisk_business_edition | c1.8.0 | |
| asterisk | asterisk_business_edition | c1.8.1 | |
| asterisk | asterisknow | beta_5 | |
| asterisk | asterisknow | beta_6 | |
| asterisk | asterisknow | beta_7 | |
| asterisk | asterisknow | pre-release | |
| asterisk | open_source | 1.0 | |
| asterisk | open_source | 1.0.0 | |
| asterisk | open_source | 1.0.1 | |
| asterisk | open_source | 1.0.2 | |
| asterisk | open_source | 1.0.3 | |
| asterisk | open_source | 1.0.3.4 | |
| asterisk | open_source | 1.0.4 | |
| asterisk | open_source | 1.0.5 | |
| asterisk | open_source | 1.0.6 | |
| asterisk | open_source | 1.0.7 | |
| asterisk | open_source | 1.0.8 | |
| asterisk | open_source | 1.0.9 | |
| asterisk | open_source | 1.0.11 | |
| asterisk | open_source | 1.0.11.1 | |
| asterisk | open_source | 1.0.12 | |
| asterisk | open_source | 1.2.0 | |
| asterisk | open_source | 1.2.0beta1 | |
| asterisk | open_source | 1.2.0beta2 | |
| asterisk | open_source | 1.2.1 | |
| asterisk | open_source | 1.2.2 | |
| asterisk | open_source | 1.2.3 | |
| asterisk | open_source | 1.2.4 | |
| asterisk | open_source | 1.2.5 | |
| asterisk | open_source | 1.2.6 | |
| asterisk | open_source | 1.2.7 | |
| asterisk | open_source | 1.2.7.1 | |
| asterisk | open_source | 1.2.8 | |
| asterisk | open_source | 1.2.9 | |
| asterisk | open_source | 1.2.9.1 | |
| asterisk | open_source | 1.2.10 | |
| asterisk | open_source | 1.2.11 | |
| asterisk | open_source | 1.2.12 | |
| asterisk | open_source | 1.2.12.1 | |
| asterisk | open_source | 1.2.13 | |
| asterisk | open_source | 1.2.14 | |
| asterisk | open_source | 1.2.15 | |
| asterisk | open_source | 1.2.16 | |
| asterisk | open_source | 1.2.17 | |
| asterisk | open_source | 1.2.18 | |
| asterisk | open_source | 1.2.19 | |
| asterisk | open_source | 1.2.20 | |
| asterisk | open_source | 1.2.21 | |
| asterisk | open_source | 1.2.21.1 | |
| asterisk | open_source | 1.2.22 | |
| asterisk | open_source | 1.2.23 | |
| asterisk | open_source | 1.2.24 | |
| asterisk | open_source | 1.2.25 | |
| asterisk | open_source | 1.2.26 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.2.27 | |
| asterisk | open_source | 1.2.28 | |
| asterisk | open_source | 1.2.29 | |
| asterisk | open_source | 1.4.0 | |
| asterisk | open_source | 1.4.1 | |
| asterisk | open_source | 1.4.2 | |
| asterisk | open_source | 1.4.3 | |
| asterisk | open_source | 1.4.4 | |
| asterisk | open_source | 1.4.5 | |
| asterisk | open_source | 1.4.6 | |
| asterisk | open_source | 1.4.7 | |
| asterisk | open_source | 1.4.7.1 | |
| asterisk | open_source | 1.4.8 | |
| asterisk | open_source | 1.4.9 | |
| asterisk | open_source | 1.4.10 | |
| asterisk | open_source | 1.4.10.1 | |
| asterisk | open_source | 1.4.11 | |
| asterisk | open_source | 1.4.12 | |
| asterisk | open_source | 1.4.12.1 | |
| asterisk | open_source | 1.4.13 | |
| asterisk | open_source | 1.4.14 | |
| asterisk | open_source | 1.4.15 | |
| asterisk | open_source | 1.4.16 | |
| asterisk | open_source | 1.4.16.1 | |
| asterisk | open_source | 1.4.16.2 | |
| asterisk | open_source | 1.4.17 | |
| asterisk | open_source | 1.4.18 | |
| asterisk | open_source | 1.4.18.1 | |
| asterisk | open_source | 1.4.19 | |
| asterisk | open_source | 1.4.19.1 | |
| asterisk | open_source | 1.4.19_rc3 | |
| asterisk | open_source | 1.4_revision_95946 | |
| asterisk | open_source | 1.4beta |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asterisk:s800i_appliance:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9282AC42-E98A-4BC2-B46D-15B5776C961F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asterisk:s800i_appliance:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83DBFD69-2500-46C1-827C-1493CF896F49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asterisk:s800i_appliance:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F53C8D19-507A-45B6-9B19-C733460F0739",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:asterisk:s800i_appliance:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "09AEF231-3438-420E-B2B0-1B876A929033",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C05B437-C292-4AA0-8AFE-1CA07CD80034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0102C4C0-1A7D-4AB7-9817-44E6B0DB761E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "81DDF486-4185-48EE-869E-0AA6726C31F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CF45A8E1-F6B1-42BD-9168-12062FA6EAEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C5757B9B-2759-439A-9A6D-CCDD6C8C8940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4548D39-0562-4946-AA51-A7C1A31AEE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FCD71268-EAA2-477B-8AC4-DE4853A262B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_appliance_developer_kit:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "529B2115-A191-4F3F-8F8C-A38B7C45463A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:a:*:*:*:*:*:*:*",
"matchCriteriaId": "313B3A38-8DEA-4D62-A1A4-0B6011E81870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b:*:*:*:*:*:*:*",
"matchCriteriaId": "B24F3283-4809-40B1-8166-9D1C3A4C9104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "802F8680-AB38-41AF-BFC8-F6927F6B1626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAE8D90-B032-4C60-B487-BE655D00FFAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB64A872-B7B8-46A8-81E4-49EDAC160531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "21000270-C9B9-430C-A252-763887A15835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12F7CF45-5482-4947-8F1D-48C746987475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B64995D-7892-49AB-A89D-A5D15615C5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0397DBD4-EA00-444A-9008-4932F99DF325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCD865F-BC39-4255-A797-6E5945773337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7203093-7209-4184-92CB-08AD73FAC379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4956871-4DD3-4299-8BEB-9D98A4449A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F04F844-79C4-41F3-9671-8B46460D0AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8936B494-E647-498B-8380-AE4DAD458533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B234F33-5233-42A3-B95A-3A3558B4DDCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c:*:*:*:*:*:*:*",
"matchCriteriaId": "4D47534E-8EBC-44B5-8770-65BBA7C3F3DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.0-beta7:*:*:*:*:*:*:*",
"matchCriteriaId": "5BC80EBD-14D3-44A6-A06F-0549722E0EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.0-beta8:*:*:*:*:*:*:*",
"matchCriteriaId": "7859797F-E9AD-4429-BD2C-A24EC24A5D03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C988FD-CFB9-4763-BE5A-B89FB3538FD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "00A6DAD0-D4C3-4A58-A35A-991E04B50EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c.1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6413B123-65DE-4483-A8A0-F5F30A809570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "502AEBA1-2A6D-4367-86AB-F2948207FCA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:c1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93DA4919-A365-48B6-84D6-6A7D97941A13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:beta_5:*:*:*:*:*:*:*",
"matchCriteriaId": "B12A09BE-1EE0-46D5-B3F0-E8847409A49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:beta_6:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5A734E-1DD3-4924-8AC1-97048FA3270F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:beta_7:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE2F09E-4B5A-4EDF-A48A-BCBBAA80156B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisknow:pre-release:*:*:*:*:*:*:*",
"matchCriteriaId": "F420EB4D-5B9C-4BBA-AAC5-5E0E83CD1F74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "678DB154-4363-42FF-8B28-367923FC6595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F2C378-FF0E-4765-9F66-625C4064D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A55A9295-F632-4856-90A1-38371EB98589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7FAE6AF1-884D-41F7-B174-9E13C7719C99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DCA9E35B-9A6B-42F2-9315-9C7D09F62227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "89B1F293-4F0F-48FD-A1F1-1230B94D87D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF7EC20-A424-45E5-B7E4-3CC86075858C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C790E105-55C8-4CDC-9FA8-E1FF6F130A67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44C860EF-2B29-4995-B942-000CC43FDD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1ADB80EF-C724-44BA-88FC-24087799D0C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "78B39BE8-7E2D-42DF-8633-44CAD5662777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F39036E3-0027-4C72-9DEB-9A6E2B4512C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A037E6F9-3EF7-4EEB-AC16-081421BCE40D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7EC02A-9C9E-4589-BBB3-1908D3078A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6C70FA9C-6F3B-4BDF-97FB-81D06AB0EE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7971E1-F136-4ADC-95EC-BC4F92E838CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "7435F043-F92B-4635-93CC-A2C39AAE1BCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.0beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B2F43B-8B69-4BF6-86B7-A225175FF068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27202966-2C41-4964-9497-1887D2A834C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1471B5A2-15BE-4E7C-BA49-2E6002F7C8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7108D72F-5AFD-4EEF-B2A9-CA4FA792E193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "107DA2D8-FE7C-4B70-856D-43D58B988694",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD71DD9-8A15-45E2-9FB3-F0544D7E1B80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5C14614F-4E27-40A6-9E56-2B1DBB10330B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7A2F2F5A-66FD-4057-917C-66332A88D83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "399B0206-B48B-46EF-8CA6-A6E5A2550B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "26E9760F-C0EB-47BB-8DA4-CC7815099DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4C510A9A-C3E2-4AF8-9919-1A22E918CDEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD915CD-A7D3-4305-A6C0-290C648A226C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9E79CCE5-C29B-4726-8D2F-BC20F70959BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F29C13DB-6F04-4B41-90A2-2408D70F3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0F4F734E-0E78-4957-B323-8E9FBA7FF15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4B117B-E945-4033-A79D-10DFAA3DF18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6D866F-8189-4FFD-AA24-47C0A015C246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EBFB79-C269-4132-BFAB-451F66CE8289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E1028E-2C07-4BA3-B891-FA853A87B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9E74F577-70BD-4FAF-BCFD-10CD21FC5601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "57BB03E2-E61C-4A94-82DF-8720698CE271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1B30A36F-5CE6-4246-8752-176FB5999C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F76DFD-4DAC-4B02-8967-B242CDEEF6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6A59BC20-3217-4584-9196-D1CD9E0D6B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "56F728BA-FC9E-4EEE-9A08-C9C7433BD8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C64DF29-5B3D-401E-885E-8E37FD577254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1A7BF52A-2FF8-40ED-B757-28A1101DE8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "7A321C2D-852B-4498-ADD6-79956410AB94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5F0DCF-C6A2-4A09-90C9-D70F174FDEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C820538E-14EC-43C1-80DB-6AAE4905EF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E9562112-2505-4F78-86DE-F30EFAEE47D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A6D8FD0-C8C1-4868-9AF1-96B1949C18AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72A840B4-216B-4063-997F-791FBC8C8658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "BE47A547-26E7-48F9-B0A6-2F65E04A1EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E1AEB744-FCF2-4A41-8866-9D1D20E6C6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.29:*:*:*:*:*:*:*",
"matchCriteriaId": "51E5EB34-30AD-4E81-8BD4-4AB905E52B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "967DF432-DEF4-4FA2-8C8D-19A7FB663A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "295D4042-2D3C-481B-B969-2DDAC1161198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "99E9EE2A-56AD-42BC-8CB0-D34091849B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96877A3E-B54B-4F31-B281-76CDC98B2D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D0B4503-42A6-4D88-954E-A662E91EC204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B73813-BCD8-429E-B9B9-D6665E026BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BBA3ECC-4F40-41CD-A6D7-BBD680DDBACC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9CBE2156-AF86-4C72-B33D-3FF83930F828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61408884-FBBF-4D94-A552-F99AB46DCED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4A527277-D97D-4B74-906F-7481BDBD96D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B57A32-7B83-4783-A244-C26301970444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "044FD0D0-FC92-4A01-B0D4-11A703EF21FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3477EC1A-9634-492C-B052-35770A9C9F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1C90F104-FA2C-4091-B149-1774AC982C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C9328768-7C08-4143-B5F8-F5C2D735D21A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C04E2B3-094B-4828-A2FC-BB66244A9F73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDE3D31-4BB2-45A3-B085-8C91152A3152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0107D4-395E-45F1-B963-7618CCC007D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "53B8E11B-4984-45A8-A107-D276205988B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "2495DB98-F923-4E60-86EC-2DBB7A98C90C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E186D125-996E-4900-A2B8-5CDC8B5D5136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27DC6CF7-4DF8-4472-A684-8CCB5E26FCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "88576385-EF03-408B-9775-B52E6AFFE48A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1A838577-2BA1-4792-8B69-6FB07FFD7727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEED3E1-13E0-46E6-8AAB-D24D2D04AE4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "ED2BF36F-CF10-4F24-970B-3D0BB7561C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1593E1-BF21-4DB9-A18E-9F221F3F9022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4.19_rc3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D41604A-21CB-4EF3-85E8-8CD170C8013F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4_revision_95946:*:*:*:*:*:*:*",
"matchCriteriaId": "E3C6272B-D0C4-4EA5-AEE4-5A45DAA2DDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.4beta:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8012CE-4D4B-4131-87E7-16D7907E3BB3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request."
},
{
"lang": "es",
"value": "La implementaci\u00f3n FWDOWNL firmware-download en Asterisk Open Source 1.0.x, 1.2.x antes de 1.2.30 y 1.4.x antes de 1.4.21.2; Business Edition A.x.x, B.x.x antes de B.2.5.4 y C.x.x antes de C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; y s800i 1.0.x antes de 1.2.0.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (amplificaci\u00f3n del tr\u00e1fico) mediante una petici\u00f3n IAX2 FWDOWNL."
}
],
"id": "CVE-2008-3264",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-07-24T15:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://downloads.digium.com/pub/security/AST-2008-011.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31178"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31194"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34982"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/494676/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30350"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020536"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2168/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43955"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00839.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.digium.com/pub/security/AST-2008-011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/494676/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2168/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43955"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00839.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-12-17 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.digium.com/pub/security/AST-2008-012.html | ||
| cve@mitre.org | http://osvdb.org/50675 | ||
| cve@mitre.org | http://secunia.com/advisories/32956 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34982 | ||
| cve@mitre.org | http://security.gentoo.org/glsa/glsa-200905-01.xml | ||
| cve@mitre.org | http://securityreason.com/securityalert/4769 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/499117/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/32773 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1021378 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/3403 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.digium.com/pub/security/AST-2008-012.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/50675 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32956 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34982 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200905-01.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/4769 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/499117/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/32773 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1021378 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/3403 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | asterisk_business_edition | b.2.3.4 | |
| asterisk | asterisk_business_edition | b.2.3.5 | |
| asterisk | asterisk_business_edition | b.2.5.0 | |
| asterisk | asterisk_business_edition | b.2.5.1 | |
| asterisk | asterisk_business_edition | b.2.5.3 | |
| asterisk | open_source | 1.2.26 | |
| asterisk | open_source | 1.2.26 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.1 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.2.26.2 | |
| asterisk | open_source | 1.2.27 | |
| asterisk | open_source | 1.2.28 | |
| asterisk | open_source | 1.2.29 | |
| asterisk | open_source | 1.2.30 | |
| asterisk | open_source | 1.2.30.2 | |
| asterisk | open_source | 1.2.30.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCD865F-BC39-4255-A797-6E5945773337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BB3C2CF4-4A4B-4398-92DC-EAE43801D08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4956871-4DD3-4299-8BEB-9D98A4449A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F796D547-034A-46FB-B245-3863C198AA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F04F844-79C4-41F3-9671-8B46460D0AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E9562112-2505-4F78-86DE-F30EFAEE47D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:netsec:*:*:*:*:*:*",
"matchCriteriaId": "9EEA1E9C-C1FB-4EFD-86EA-DCF78C57FC35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1A6D8FD0-C8C1-4868-9AF1-96B1949C18AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "5E20FAF7-9031-478E-A89C-D6FB3B5FDE3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "72A840B4-216B-4063-997F-791FBC8C8658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:netsec:*:*:*:*:*:*",
"matchCriteriaId": "72375576-F857-4585-A677-A326D89A65B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "BE47A547-26E7-48F9-B0A6-2F65E04A1EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E1AEB744-FCF2-4A41-8866-9D1D20E6C6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.29:*:*:*:*:*:*:*",
"matchCriteriaId": "51E5EB34-30AD-4E81-8BD4-4AB905E52B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "4359322B-08D0-4710-A9C3-54BD4A17B800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30.2:*:*:*:*:*:*:*",
"matchCriteriaId": "78F84DF4-DBA7-430C-AF17-F52024EF80D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30.3:*:*:*:*:*:*:*",
"matchCriteriaId": "34266614-3588-485C-A609-37823F8499AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching."
},
{
"lang": "es",
"value": "Asterisk Open Source 1.2.26 hasta 1.2.30.3 y Business Edition B.2.3.5 hasta B.2.5.5, cuando los usuarios realtime IAX2 son habilitados, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de intentos de autenticaci\u00f3n relativos a (1) usuarios desconocidos o (2) usuarios que usan hostname coincidentes."
}
],
"id": "CVE-2008-5558",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-12-17T17:30:00.407",
"references": [
{
"source": "cve@mitre.org",
"url": "http://downloads.digium.com/pub/security/AST-2008-012.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/50675"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32956"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34982"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4769"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/499117/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32773"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021378"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://downloads.digium.com/pub/security/AST-2008-012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/50675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4769"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/499117/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3403"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-04-01 16:55
Modified
2025-04-11 00:51
Severity ?
Summary
main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which allows remote attackers to conduct stack-consumption attacks and cause a denial of service (daemon crash) via a crafted HTTP POST request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-5976.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://downloads.asterisk.org/pub/security/AST-2013-002.html | Vendor Advisory | |
| cve@mitre.org | http://telussecuritylabs.com/threats/show/TSL20130327-01 | ||
| cve@mitre.org | https://issues.asterisk.org/jira/browse/ASTERISK-20967 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://downloads.asterisk.org/pub/security/AST-2013-002.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://telussecuritylabs.com/threats/show/TSL20130327-01 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.asterisk.org/jira/browse/ASTERISK-20967 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.0 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1 | |
| asterisk | open_source | 1.8.1.1 | |
| asterisk | open_source | 1.8.1.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2 | |
| asterisk | open_source | 1.8.2.1 | |
| asterisk | open_source | 1.8.2.2 | |
| asterisk | open_source | 1.8.2.3 | |
| asterisk | open_source | 1.8.2.4 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3 | |
| asterisk | open_source | 1.8.3.1 | |
| asterisk | open_source | 1.8.3.2 | |
| asterisk | open_source | 1.8.3.3 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4 | |
| asterisk | open_source | 1.8.4.1 | |
| asterisk | open_source | 1.8.4.2 | |
| asterisk | open_source | 1.8.4.3 | |
| asterisk | open_source | 1.8.4.4 | |
| asterisk | open_source | 1.8.5 | |
| asterisk | open_source | 1.8.5.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.6.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.0 | |
| asterisk | open_source | 1.8.7.1 | |
| asterisk | open_source | 1.8.7.2 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.0 | |
| asterisk | open_source | 1.8.8.1 | |
| asterisk | open_source | 1.8.8.2 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.0 | |
| asterisk | open_source | 1.8.9.1 | |
| asterisk | open_source | 1.8.9.2 | |
| asterisk | open_source | 1.8.9.3 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.0 | |
| asterisk | open_source | 1.8.10.1 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.0 | |
| asterisk | open_source | 1.8.11.1 | |
| asterisk | open_source | 1.8.12 | |
| asterisk | open_source | 1.8.12.0 | |
| asterisk | open_source | 1.8.12.0 | |
| asterisk | open_source | 1.8.12.0 | |
| asterisk | open_source | 1.8.12.1 | |
| asterisk | open_source | 1.8.12.2 | |
| asterisk | open_source | 1.8.13.0 | |
| asterisk | open_source | 1.8.13.0 | |
| asterisk | open_source | 1.8.13.0 | |
| asterisk | open_source | 1.8.13.1 | |
| asterisk | open_source | 1.8.14.0 | |
| asterisk | open_source | 1.8.14.0 | |
| asterisk | open_source | 1.8.14.0 | |
| asterisk | open_source | 1.8.14.1 | |
| asterisk | open_source | 1.8.15.0 | |
| asterisk | open_source | 1.8.15.0 | |
| asterisk | open_source | 1.8.15.1 | |
| asterisk | open_source | 1.8.16.0 | |
| asterisk | open_source | 1.8.16.0 | |
| asterisk | open_source | 1.8.16.0 | |
| asterisk | open_source | 1.8.17.0 | |
| asterisk | open_source | 1.8.17.0 | |
| asterisk | open_source | 1.8.17.0 | |
| asterisk | open_source | 1.8.17.0 | |
| asterisk | open_source | 1.8.18.0 | |
| asterisk | open_source | 1.8.18.0 | |
| asterisk | open_source | 1.8.18.1 | |
| asterisk | open_source | 1.8.19.0 | |
| asterisk | open_source | 1.8.19.0 | |
| asterisk | open_source | 1.8.19.0 | |
| asterisk | open_source | 1.8.19.1 | |
| asterisk | open_source | 1.8.20.0 | |
| asterisk | open_source | 1.8.20.0 | |
| asterisk | open_source | 1.8.20.0 | |
| asterisk | open_source | 1.8.20.1 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.0 | |
| asterisk | open_source | 10.0.1 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.0 | |
| asterisk | open_source | 10.1.1 | |
| asterisk | open_source | 10.1.2 | |
| asterisk | open_source | 10.1.3 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.0 | |
| asterisk | open_source | 10.2.1 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.0 | |
| asterisk | open_source | 10.3.1 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.0 | |
| asterisk | open_source | 10.4.1 | |
| asterisk | open_source | 10.4.2 | |
| asterisk | open_source | 10.5.0 | |
| asterisk | open_source | 10.5.0 | |
| asterisk | open_source | 10.5.0 | |
| asterisk | open_source | 10.5.1 | |
| asterisk | open_source | 10.5.2 | |
| asterisk | open_source | 10.6.0 | |
| asterisk | open_source | 10.6.0 | |
| asterisk | open_source | 10.6.0 | |
| asterisk | open_source | 10.6.1 | |
| asterisk | open_source | 10.7.0 | |
| asterisk | open_source | 10.7.0 | |
| asterisk | open_source | 10.7.1 | |
| asterisk | open_source | 10.8.0 | |
| asterisk | open_source | 10.8.0 | |
| asterisk | open_source | 10.8.0 | |
| asterisk | open_source | 10.9.0 | |
| asterisk | open_source | 10.9.0 | |
| asterisk | open_source | 10.9.0 | |
| asterisk | open_source | 10.9.0 | |
| asterisk | open_source | 10.10.0 | |
| asterisk | open_source | 10.10.0 | |
| asterisk | open_source | 10.10.0 | |
| asterisk | open_source | 10.10.1 | |
| asterisk | open_source | 10.11.0 | |
| asterisk | open_source | 10.11.0 | |
| asterisk | open_source | 10.11.0 | |
| asterisk | open_source | 10.11.1 | |
| asterisk | open_source | 10.12.0 | |
| asterisk | open_source | 10.12.0 | |
| asterisk | open_source | 10.12.0 | |
| asterisk | open_source | 10.12.1 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.0 | |
| asterisk | open_source | 11.0.1 | |
| asterisk | open_source | 11.0.2 | |
| asterisk | open_source | 11.1.0 | |
| asterisk | open_source | 11.1.0 | |
| asterisk | open_source | 11.1.0 | |
| asterisk | open_source | 11.1.1 | |
| asterisk | open_source | 11.1.2 | |
| asterisk | open_source | 11.2.0 | |
| asterisk | open_source | 11.2.0 | |
| asterisk | open_source | 11.2.0 | |
| asterisk | open_source | 11.2.1 | |
| asterisk | certified_asterisk | 1.8.15 | |
| asterisk | certified_asterisk | 1.8.15 | |
| asterisk | certified_asterisk | 1.8.15 | |
| asterisk | certified_asterisk | 1.8.15 | |
| asterisk | certified_asterisk | 1.8.15.0 | |
| asterisk | certified_asterisk | 1.8.15.0 | |
| asterisk | digiumphones | 10.0.0 | |
| asterisk | digiumphones | 10.0.0 | |
| asterisk | digiumphones | 10.0.0 | |
| asterisk | digiumphones | 10.0.0 | |
| asterisk | digiumphones | 10.0.0 | |
| asterisk | digiumphones | 10.0.0 | |
| asterisk | digiumphones | 10.1.0 | |
| asterisk | digiumphones | 10.1.0 | |
| asterisk | digiumphones | 10.1.0 | |
| asterisk | digiumphones | 10.2.0 | |
| asterisk | digiumphones | 10.2.0 | |
| asterisk | digiumphones | 10.2.0 | |
| asterisk | digiumphones | 10.2.0 | |
| asterisk | digiumphones | 10.2.0 | |
| asterisk | digiumphones | 10.3.0 | |
| asterisk | digiumphones | 10.3.0 | |
| asterisk | digiumphones | 10.3.0 | |
| asterisk | digiumphones | 10.4.0 | |
| asterisk | digiumphones | 10.4.0 | |
| asterisk | digiumphones | 10.4.0 | |
| asterisk | digiumphones | 10.4.0 | |
| asterisk | digiumphones | 10.5.0 | |
| asterisk | digiumphones | 10.5.0 | |
| asterisk | digiumphones | 10.5.0 | |
| asterisk | digiumphones | 10.6.0 | |
| asterisk | digiumphones | 10.6.0 | |
| asterisk | digiumphones | 10.6.0 | |
| asterisk | digiumphones | 10.7.0 | |
| asterisk | digiumphones | 10.7.0 | |
| asterisk | digiumphones | 10.8.0 | |
| asterisk | digiumphones | 10.8.0 | |
| asterisk | digiumphones | 10.8.0 | |
| asterisk | digiumphones | 10.9.0 | |
| asterisk | digiumphones | 10.10.0 | |
| asterisk | digiumphones | 10.10.0 | |
| asterisk | digiumphones | 10.10.0 | |
| asterisk | digiumphones | 10.11.0 | |
| asterisk | digiumphones | 10.11.0 | |
| asterisk | digiumphones | 10.11.0 | |
| asterisk | digiumphones | 10.11.0 | |
| asterisk | digiumphones | 10.12.0 | |
| asterisk | digiumphones | 10.12.0 | |
| asterisk | digiumphones | 10.12.0 | |
| asterisk | digiumphones | 10.12.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE48FBD-2560-4477-ABD2-C90729523BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "97F03C40-6B70-41D1-96CF-DD5F2924D0C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "B8F0B6E3-37B8-4780-BB17-D471A7AB7E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "445941A9-EE2C-45C0-BCEB-9EC7F9F9439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "7C60A84B-E0BC-491B-B6E6-76E658BB91EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "035B04BC-C132-4CF6-9FE4-561A4104F392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE6A2723-FAE7-4A87-A2A3-E94D9CC2DCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "37612FE6-C8B7-4925-81F5-ADB82A8F101E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "92181940-ED5C-442C-82BA-4F0F233FB11B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "28EEF1DB-00C6-4DFC-BB48-C4A308F60DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67CE3E94-341F-4D0C-937E-39B119925C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5C721635-2801-40E8-B5FE-734054D718D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93F81ACF-615F-4EF5-BD73-74F4010B43D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D773468A-4C2D-4B88-BAB6-C2D892A304C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15ED9311-9E4E-4998-BD99-CDEB8E4F2C74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "815F7045-FC6D-4D57-A7AE-F63B0FC67251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56BAE9D7-7A67-40D0-B864-66E76EBA5A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B82FFB08-0FCD-4839-95F4-97C09EB7E921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10C54588-265A-4955-8C73-38ADB664EF0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D84681-F861-49BE-832F-20EBAD3B60C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2313F843-0F74-4FC9-92A2-1F721BB4C490",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "09918CFC-C6A0-45ED-91EA-A4D9295C6CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "23E24161-31DB-4739-B16D-B0BDF5151307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E28DAA35-FBC2-4C87-BC1F-396A0FE86C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F5E4B4F-49B7-41CB-803B-47A0081C3112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "27D37142-F88C-42DE-A0FD-B17AB7981963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A5BD7C-3491-456A-A333-481977280F5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F7AFBC1D-7357-4A20-BF9D-C5B58155DAAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C85B74B6-EA5C-43C1-98C4-B09C41D9D8CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "12711E11-F6CF-4A61-83FD-AD3748D7C47B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86E83CDF-E3B5-48A8-B526-67A1618B97AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C8B329-AC4C-46E5-BAC3-B2B72C16A453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5A81245B-0276-4D51-A3B4-9CC7233C9A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC30C27-32BD-42A9-814E-123BD18F416B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "676BA331-833E-4C8B-A523-2116752567B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A7D38CAA-BECD-4FD7-8E42-72CB2B1DC699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4F211C14-8E50-4FB7-82EA-FE6975290DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0698EDFB-D156-4572-9008-0243FA6FD2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "16350161-9CF1-4AD3-954C-598D249CF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "24EB6F7B-AD3C-42A2-B811-3CF3EEDD8438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "7AC55C54-7AD7-49BE-A050-DC6878391208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B208EBB-0387-4223-A196-CE142E6B908B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "095BF874-0E0B-4F8F-8A11-ED096DD3A824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4067E71D-93A8-4B56-AE4A-FCB6E31577E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D301553-EF77-4494-A893-FDC12E6A8C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35362678-3960-40E0-BB94-4642F09DDB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "779DEAC5-CBC7-4844-9A2E-97AEB49704EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "913D2C84-B987-4DEE-8F9E-0FDF14BECE2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "63889FD0-714B-4E02-8F34-00E4857A544A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A15B538D-DC9D-46B4-A455-341E8A2831E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8FE32479-5D98-443F-8FA9-F6281726BDF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "78841A3E-7D56-4737-9815-E1144FD0A44A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6CE8D88-E407-4E9F-8418-E95C16A55358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDEDE38-79FE-4B21-BE42-E8AA14475AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC295454-D897-425C-BFC8-91A72865A132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3830A3E2-09A1-487E-8EFA-27F8B4C61CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CAC942FB-83A2-4698-B410-F4C6AED0849A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "86ED40AD-0A52-4B4C-B4CA-F8D1A4CAF866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7128AC5-5DD7-4BD3-B14C-4ADA155DD5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA2C32DA-44CE-4407-84B2-02B0D0474000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B032B5-06AB-4ABE-B51E-DE5C13458C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07FC62DE-74D3-42A9-94E8-6DCE62F3D2B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39E78E52-2AA4-42A5-9CE6-22DF2CF01704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3DF04D4C-DFED-4E71-BA0C-854823BB41CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "518A8882-B1A6-408E-9B39-F01034A50190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2EBBB850-2AE6-4EC1-993F-AD7AF2E80008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F33168AF-A3FB-4694-9DC8-CC28A7C3B3E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1075D5D-5F81-4E26-90B0-60659B8D36B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6880B042-11B1-430F-90A1-70F93FC5BAF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0F074B06-6788-47AB-8C39-BA5E2E39ACC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "47805A52-856B-4C30-A04F-0B683FDBE075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACB7C4A-7CF7-4D57-B65D-741AFA6393EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "85522E25-E76C-4CCF-AB7C-A74E1703D919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AC3BE912-0B42-416B-A0E2-B17FDF07BAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "4FC9C2FB-A77B-4242-B4A1-92112E1C19B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41CA6DD3-FD39-482B-83AA-FE24055E9B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C28AB9A1-54B6-4C9A-8E4C-52A3BF147DE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28E4852C-4444-40BB-8DBB-51EC97D6BD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.13.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "602E20C8-9DFF-4D11-8F1E-F7E943E8FE30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.13.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DC5CE37E-7BAC-45D5-AD09-8823D893627C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B38DE1B4-44CF-4199-B739-5880F6492216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B25558F4-2DF6-4C00-969F-67F7C2A05668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.14.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8EFFEF57-8097-42B1-AC4F-20CEFAC4AFA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.14.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6DFF8BD7-7287-40B2-8BAC-46C85440882D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "00C94601-5C7E-4B9B-A8C9-A78C7E529864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1926E877-9EA2-457B-B501-6E07760B38A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.15.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "604956F2-5FE8-4D0A-A5EF-20E6D0E89933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42D8445A-8F8D-47D3-BBE4-687BD00D2E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9DF848-DEFC-4F1C-81BF-BFD2E142565E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.16.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BBB8E443-4A8D-405D-AF18-D56EE3D3AB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.16.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5BAE4B32-F771-4DEA-9665-C862F3BA38B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21E8BAFB-6973-48DE-9835-93464882712A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.17.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "57BF8BF0-DAD0-472B-9A13-34633F2BED91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.17.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "06E40764-4AFD-4DAA-BC96-46881EB55F5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.17.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "412E6FAF-60A4-44DF-A1E5-BFBB127367B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBFEE9B-B3D5-4659-A833-03804A010474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.18.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6F127574-4C2A-4D0D-9601-B369C9E75BC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "23A58518-4619-4B6C-A01E-875E7A02B563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.19.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A56402C5-9408-4A7C-A6BF-DF1707EE19F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.19.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "145FF5F2-E4DC-42AD-B320-A9A82D517073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.19.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "217B4501-AEBA-4417-87D8-0C18779F16F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3784F3AC-0A54-4453-85C9-33C5AF05564E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39900193-C2F2-424E-95A9-B7EF637A3F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.20.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "589B3B1E-5BCB-4BA3-B4A6-CD9FAF8AD05D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.20.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0B5C6294-7BB5-4749-8F90-7AB3786696F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.8.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E2D3320-3A6E-4756-9314-78E5027CDD88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33DD2B8E-6AB1-45CD-85F5-E0F5234585BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "52BDDAC0-5CEE-4054-8930-EAF25FE528FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1CEB28DD-EAEA-45AF-8D7B-09E93AFABA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "12BCF63F-DA77-48A1-861D-F6E710E3CA16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AD0D03FF-3FF6-40D0-A78E-CBDEA4FE4F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "66666CD2-8921-4641-AD72-21F4386DC731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E55A7B81-4661-4E77-94FE-DA8D6261DC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C549DD5-68F9-44FC-92B9-09A0E6F87315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "51407A8B-AF19-43FA-8D57-A6A35D465D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "911CCAF6-6E29-43B6-AF76-909016CD46ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "964672AE-C840-465E-BE8A-8E19D9C060AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "48827211-8F2F-4801-A5CD-77B07D1DD320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2463AD2-B341-494C-87AF-73B69B75D162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B46E218-9EFA-4224-BC5D-1A2F38559E38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6F1F43E8-6159-46FA-8BF5-360EA9D466BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F75E0A69-9251-4CE1-9E83-188F0D35DEFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "17E6BD3C-B88D-4C80-B77F-2A95767B9A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3AC1C9EC-A84F-401B-BF59-F4938B6A2F59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5DACA8-EBD6-4854-A32E-EDBD8C28B3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6AB0DE5-0843-4A7A-A1C9-2FD7924FBEDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "335F9C06-5E40-4E14-B018-15151E14414D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9E8F15FB-C6B5-4A4F-A7AD-E2BF0162D1DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC77FCCF-EE5C-4121-A0AF-B9DC71E72C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C33423-6093-4DC9-BCFF-77003776373E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9DEA8945-9ACD-4CE7-A5E6-5207E16C663E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B2A7FC21-74FF-48BF-9BA8-A143FCB2BF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C4FCD6B4-ED33-424F-AD30-64227894B0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC59D23-316D-43FC-9BA9-67E8BDAF5F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "59556035-E04B-4350-BD3B-A3935C28C6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2F73501-BE0D-4130-8077-D5D853E91F1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3C72C50B-12C1-4A1C-B51F-F66244C18CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6D3A3D9A-9F63-44FD-BF14-2DC3AE8C0D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56C40572-5FBE-4A39-AF3D-A335873BF660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "844232F0-D524-44E0-B420-2992BC0FED11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D73A9C29-4270-4126-9D6B-3780F6F3D7D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A402F4F2-73BC-49B1-B5DD-9231F090BFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "410D67F4-C941-4CBE-8D82-673217EE7FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45244F02-B71A-4692-BDAD-34C37ACAB676",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA73D5CD-0BBC-42EF-9693-265A0566E789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0574B440-5004-4F47-B657-1672E9092A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88E1F128-276F-4883-A93C-D5C7282925DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5392F1-57AC-4208-9646-42098CCEF80B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9D11D64C-6E1F-4014-88D2-F5FB61D66C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "036281DD-6F0A-4810-A1D3-952077896808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2749712C-929A-43F4-B58A-F9F777DBD84D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "92AD9878-F87D-43AC-BE2B-514977F5A182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1A9089A8-55D4-4992-BAC0-FE5BE3E2F472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F33E93C3-D4A3-4A38-84E1-0D3CB8915418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A1EE57-D8ED-4A2E-BE71-043E06EA4F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BC400500-F1CF-4D13-A18E-25B5EE70F3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A215C07A-6E8C-4EEB-AD94-68A75BE7DB52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9764E3-DA33-4A31-97C7-E523D6DE6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "703FBE7B-CAD4-43B4-920D-DFC28CFFB7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.11.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "00750678-5A5E-4A75-A405-3D42E1CB147A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "31228737-2F7E-434A-B4FE-E1C9BB71D893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A84F1317-E44E-4CD4-8979-DC335AD8B457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D358E8-6399-4568-9ECC-CA084B80129C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1DC34227-26A7-44C1-B5CB-C7328134316B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.12.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E2E2701A-489E-4A9C-9E5C-01661E599BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:10.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D13892E-0D45-438B-A126-439335B47C90",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0D8EF3-6BA5-4C60-8130-DF62A9592CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "1B00830D-18F2-4A68-926A-2FD397674F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "3C2E04B4-C70D-40AE-AEA5-0D39304F6C18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9C86349C-EBD4-4857-9B4B-7A608F32BBCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7E88AC6C-50F6-486D-B0D0-97477FCD520D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "171B2532-F5D2-4C3C-9C23-405839F590BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5923D0-F168-404B-9190-871D52D74DAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "50617F5A-5BAE-4C4A-975A-B23E9171ABDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BE09B558-576C-461C-8089-8EE59F168ADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "83DEBCA4-F4CC-4E78-A80F-C673105FA868",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3720E8-67C2-492D-9DBA-6ED9085CB01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "28E2C7E4-226C-4420-856D-E420633E301F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA3CDE0-AAE5-48A4-98C3-767CCCC3C9E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8B73137F-79EA-48DD-B29E-41DB8C20711B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1F185B3E-9594-4AFD-B16B-6C82A03B93B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:11.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3740427-BBC9-4D76-9F54-C13AF097CD05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.15:cert1:*:*:*:*:*:*",
"matchCriteriaId": "E6025382-31C8-4227-B44F-856FD014B283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.15:cert1:rc1:*:*:*:*:*",
"matchCriteriaId": "0DAEE2C6-008C-476D-8464-3C616E5CA805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.15:cert1:rc2:*:*:*:*:*",
"matchCriteriaId": "688A1BA8-A195-41E9-812D-F4400EFA5B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.15:cert1:rc3:*:*:*:*:*",
"matchCriteriaId": "177A2158-B36D-4B6D-9FEA-2DF32830AE56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2A84E1FF-10CB-45AA-B2EC-6FB6E78C6D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.15.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "83726255-3A94-49A7-A43F-414CA0A814FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0188A765-4376-4EDC-8070-74B6882253B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "98F95DCC-6B40-42D6-BDA4-8BBE5C4AB4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "28051F65-0862-438F-B4D6-1F7F1B93A76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "344BE33A-2345-48C4-91EB-58C4EC2499B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C38C7220-D25C-4399-A414-0541A44DCD6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E69A7B6F-1D33-471D-80B2-37D30817FD7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7DA77C-2D86-4815-905F-78B9B55B4790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D4C5D9FD-24AD-4C73-ACA3-924AA2D4C041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "039D01BB-9B67-467B-9E5D-89208C4F9595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "87B7DFEB-9DDF-4DE7-A295-869F810FD5BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C0C0F3B5-97EF-4806-AD51-DD201F35F44B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E08D0CC7-7339-4468-9CC6-7007D859160C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "ACAF81C5-D3B2-4D7E-BD1F-2FFCEDE3E2B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3146A017-A6A5-4C3D-8138-EBE552A99F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEECF41-6AFA-4067-ADB4-EA53A6C77740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "271F0ACA-F4F5-4FD9-8F39-56722EE40D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "AEAF9BED-896B-4E0D-AE2A-65ADA2B96876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32A45F41-BA2A-4878-82BA-2C1EE3301708",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "AAEBB11B-AC3A-46C2-94F6-7B68994E47C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "28A8C554-04E9-4A86-B2CA-12B19BF5BD9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.4.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "CC2E7D4E-2713-4F50-A646-8643FA31C74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "295AE899-CE46-4904-AA88-F05D857D50F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EC070B60-E90E-432F-AF02-5BCD6CFA8902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E6FE1237-4974-4F87-BB44-1608D5879856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14248FC6-A833-4918-AC6D-94DC75E28D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0FA03327-13B9-488D-A1D7-59AB07926B22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2CC53629-1F20-4B22-9465-63250F917007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62F912BF-1512-45E8-9035-750F083D60B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "540F8042-4B26-4078-ACE7-DBAC45D4FA93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17DC68FD-F05E-4821-BAA1-5A871C8C39AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6093D29F-64F8-4E3E-B6C4-646D0D6A6B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "9424B04A-6262-4E31-BFD3-F5849EF32771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39147BA2-6F85-4E88-A896-B5F5C571A835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A54E95F9-2CFC-43C6-AF6B-44ABC5555C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FB53F9D1-14EC-4B00-9A72-E086D2EB27F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4C48AD83-84B9-4A92-8C88-FC4F966644DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39202DF6-359E-4A62-98B4-D42A5F899717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.11.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C7134E96-F5EF-4E87-9B11-DAA2A1D90761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.11.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2A761C15-53E2-4BDC-AF7B-86BCB7F10466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "C3288F41-D446-4899-9AC7-60EB72145ACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44027DC7-1BD6-4F17-AD4F-6D6457B779FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "170DEF44-9D18-4C9E-919F-5B7CC2C7D727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.12.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1674C43B-51DE-484C-8B87-CF3256589BDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:asterisk:digiumphones:10.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CEFB68A-9C07-468F-A118-315D8DB21897",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which allows remote attackers to conduct stack-consumption attacks and cause a denial of service (daemon crash) via a crafted HTTP POST request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-5976."
},
{
"lang": "es",
"value": "main/http.c en el servidor HTTP Asterisk Open Source v1.8.x antes de v1.8.20.2, v10.x antes v10.12.2 y v11.2.2 v11.x antes; Certified Asterisk v1.8.15 antes de v8.1.15-cert2; y Digiumphones Asterisk v10.x-digiumphones antes de v10.12.2-digiumphones no restringe correctamente valores Content-Length, que permite a atacantes remotos realizar ataques de consumo de la pila y provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a trav\u00e9s de una petici\u00f3n POST HTTP manipulada. NOTA: esta vulnerabilidad se debe a una soluci\u00f3n incorrecta para CVE-2012-5976."
}
],
"id": "CVE-2013-2686",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-01T16:55:04.100",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2013-002.html"
},
{
"source": "cve@mitre.org",
"url": "http://telussecuritylabs.com/threats/show/TSL20130327-01"
},
{
"source": "cve@mitre.org",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-20967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2013-002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://telussecuritylabs.com/threats/show/TSL20130327-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.asterisk.org/jira/browse/ASTERISK-20967"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}