This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:asterisk:open_source:1.2.7.1:netsec
Detail
VendorAsteriskFirst view 2008-01-07
ProductOpen SourceLast view2012-08-31
Version1.2.7.1TypeApplication
Edition 
Language 
Updatenetsec 
 
CPE Productcpe:/a:asterisk:open_source

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
92012-08-31CVE-2012-2186NetworkLowRequires ...
42012-06-02CVE-2012-2948NetworkLowRequires ...
7.82009-09-08CVE-2009-2346NetworkLowNone Requ...
7.82009-08-12CVE-2009-2726NetworkLowNone Requ...
52009-01-14CVE-2009-0041NetworkLowNone Requ...
Hide | Show 6 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32008-06-04CVE-2008-2119NetworkMediumNone Requ...
7.12008-04-23CVE-2008-1923NetworkMediumNone Requ...
4.32008-04-23CVE-2008-1897NetworkMediumNone Requ...
7.52008-03-24CVE-2008-1289NetworkLowNone Requ...
8.82008-03-19CVE-2008-1332NetworkMediumNone Requ...
52008-01-07CVE-2008-0095NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
30% (3)CWE-399Resource Management Errors
20% (2)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
10% (1)CWE-287Improper Authentication
10% (1)CWE-264Permissions, Privileges, and Access Controls
10% (1)CWE-200Information Exposure
Hide | Show 2 More...
%idName
10% (1)CWE-20Improper Input Validation
10% (1)CWE-16Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-99XML Parser Attack
CAPEC-119Resource Depletion
CAPEC-121Locate and Exploit Test APIs
Hide | Show 7 More...
idName
CAPEC-125Resource Depletion through Flooding
CAPEC-130Resource Depletion through Allocation
CAPEC-147XML Ping of Death
CAPEC-197XEE (XML Entity Expansion)
CAPEC-227Denial of Service through Resource Depletion
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message
CAPEC-229XML Attribute Blowup

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:7422DSA-1563 asterisk -- programming error
oval:org.mitre.oval:def:20041DSA-1563-1 asterisk - denial of service

Open Source Vulnerability Database (OSVDB)

idDescription
57762Asterisk IAX2 Call Number Resource Exhaustion Remote DoS
56991Asterisk Multiple Function Maximum Width Handling Remote DoS
51373Asterisk IAX2 User Account Enumeration Weakness
46014Asterisk Pedantic Parsing SIP INVITE Message Handling Remote DoS
44649Asterisk Open Source IAX2 Channel Driver (chan_iax2) Spoofed ACK Response Han...
Hide | Show 4 More...
idDescription
44648Asterisk IAX2 Channel Driver (chan_iax2) Spoofed NEW Message Remote DoS
43416Asterisk RTP Payload Handling Multiple Remote Overflows
43415Asterisk SIP Channel Driver Unauthenticated Call Remote Privilege Escalation
39841Asterisk BYE/Also Transfer Method DoS

Milw0rm Exploits

idDescription
2008-06-05Asterisk (SIP channel driver / in pedantic mode) Remote Crash Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-10-03Name : Debian Security Advisory DSA 2550-2 (asterisk)
File : nvt/deb_2550_2.nasl
2012-10-03Name : Gentoo Security Advisory GLSA 201209-15 (asterisk)
File : nvt/glsa_201209_15.nasl
2012-09-23Name : Debian Security Advisory DSA 2550-1 (asterisk)
File : nvt/deb_2550_1.nasl
2012-09-22Name : Fedora Update for asterisk FEDORA-2012-13338
File : nvt/gb_fedora_2012_13338_asterisk_fc17.nasl
2012-09-22Name : Fedora Update for asterisk FEDORA-2012-13437
File : nvt/gb_fedora_2012_13437_asterisk_fc16.nasl
Hide | Show 20 More...
idDescription
2012-08-30Name : FreeBSD Ports: asterisk
File : nvt/freebsd_asterisk2.nasl
2012-08-10Name : Debian Security Advisory DSA 2493-1 (asterisk)
File : nvt/deb_2493_1.nasl
2012-08-10Name : FreeBSD Ports: asterisk10
File : nvt/freebsd_asterisk10.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-05 (Asterisk)
File : nvt/glsa_201206_05.nasl
2012-05-31Name : FreeBSD Ports: asterisk16
File : nvt/freebsd_asterisk161.nasl
2011-03-09Name : Gentoo Security Advisory GLSA 201006-20 (asterisk)
File : nvt/glsa_201006_20.nasl
2009-12-30Name : Debian Security Advisory DSA 1952-1 (asterisk)
File : nvt/deb_1952_1.nasl
2009-12-14Name : Fedora Core 10 FEDORA-2009-12461 (asterisk)
File : nvt/fcore_2009_12461.nasl
2009-12-03Name : Fedora Core 10 FEDORA-2009-11126 (asterisk)
File : nvt/fcore_2009_11126.nasl
2009-09-28Name : Fedora Core 10 FEDORA-2009-9374 (asterisk)
File : nvt/fcore_2009_9374.nasl
2009-09-28Name : Fedora Core 11 FEDORA-2009-9405 (asterisk)
File : nvt/fcore_2009_9405.nasl
2009-09-18Name : Asterisk IAX2 Call Number Exhaustion DOS Vulnerability (Linux)
File : nvt/secpod_asterisk_iax2_call_number_dos_vuln.nasl
2009-09-02Name : Asterisk SIP Channel Driver Denial Of Service Vulnerability (Linux)
File : nvt/secpod_asterisk_sip_channel_driver_dos_vuln.nasl
2009-05-05Name : Gentoo Security Advisory GLSA 200905-01 (asterisk)
File : nvt/glsa_200905_01.nasl
2009-02-17Name : Fedora Update for asterisk FEDORA-2008-3365
File : nvt/gb_fedora_2008_3365_asterisk_fc7.nasl
2009-02-17Name : Fedora Update for asterisk FEDORA-2008-3390
File : nvt/gb_fedora_2008_3390_asterisk_fc8.nasl
2009-02-17Name : Fedora Update for asterisk FEDORA-2008-0198
File : nvt/gb_fedora_2008_0198_asterisk_fc7.nasl
2009-02-17Name : Fedora Update for asterisk FEDORA-2008-0199
File : nvt/gb_fedora_2008_0199_asterisk_fc8.nasl
2009-02-16Name : Fedora Update for asterisk FEDORA-2008-2554
File : nvt/gb_fedora_2008_2554_asterisk_fc8.nasl
2009-02-16Name : Fedora Update for asterisk FEDORA-2008-2620
File : nvt/gb_fedora_2008_2620_asterisk_fc7.nasl

Snort® IPS/IDS

DateDescription
2015-03-17Digium Asterisk SIP channel driver denial of service attempt
RuleID : 33445 - Type : PROTOCOL-VOIP - Revision : 1
2014-01-10Digium Asterisk IAX2 call number denial of service
RuleID : 21608 - Type : PROTOCOL-VOIP - Revision : 2
2014-01-10Digium Asterisk Attribute header rtpmap field buffer overflow attempt
RuleID : 20392 - Type : PROTOCOL-VOIP - Revision : 9
2014-01-10Digium Asterisk Attribute header rtpmap field buffer overflow attempt
RuleID : 20391 - Type : PROTOCOL-VOIP - Revision : 9
2014-01-10Attribute header rtpmap field invalid payload type
RuleID : 20390 - Type : PROTOCOL-VOIP - Revision : 8
Hide | Show 7 More...
DateDescription
2014-01-10Digium Asterisk IAX2 ack response denial of service attempt
RuleID : 16445 - Type : PROTOCOL-VOIP - Revision : 11
2014-01-10CSeq buffer overflow attempt
RuleID : 16351 - Type : PROTOCOL-VOIP - Revision : 11
2014-01-10Digium Asterisk SIP sscanf denial of service attempt
RuleID : 16212 - Type : DOS - Revision : 2
2014-01-10Digium Asterisk SIP sscanf denial of service attempt
RuleID : 16211 - Type : DOS - Revision : 2
2014-01-10Digium Asterisk SIP sscanf denial of service attempt
RuleID : 16210 - Type : DOS - Revision : 2
2014-01-10Attribute header rtpmap field invalid payload type
RuleID : 13693 - Type : PROTOCOL-VOIP - Revision : 12
2014-01-10CSeq buffer overflow attempt
RuleID : 11971 - Type : PROTOCOL-VOIP - Revision : 6

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-09-27Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201209-15.nasl - Type : ACT_GATHER_INFO
2012-09-19Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2550.nasl - Type : ACT_GATHER_INFO
2012-09-18Name : The remote Fedora host is missing a security update.
File : fedora_2012-13286.nasl - Type : ACT_GATHER_INFO
2012-09-18Name : The remote Fedora host is missing a security update.
File : fedora_2012-13338.nasl - Type : ACT_GATHER_INFO
2012-09-18Name : The remote Fedora host is missing a security update.
File : fedora_2012-13437.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2012-09-06Name : A telephony application running on the remote host is affected by a security ...
File : asterisk_ast_2012_012.nasl - Type : ACT_GATHER_INFO
2012-08-31Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_4c53f007f2ed11e1a21514dae9ebcf89.nasl - Type : ACT_GATHER_INFO
2012-06-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2493.nasl - Type : ACT_GATHER_INFO
2012-06-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201206-05.nasl - Type : ACT_GATHER_INFO
2012-06-14Name : A telephony application running on the remote host is affected by a denial of...
File : asterisk_ast_2012_008.nasl - Type : ACT_GATHER_INFO
2012-05-30Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_359f615da9e111e18a6614dae9ebcf89.nasl - Type : ACT_GATHER_INFO
2010-06-04Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201006-20.nasl - Type : ACT_GATHER_INFO
2010-02-24Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1952.nasl - Type : ACT_GATHER_INFO
2009-09-28Name : The remote Fedora host is missing a security update.
File : fedora_2009-9374.nasl - Type : ACT_GATHER_INFO
2009-09-28Name : The remote Fedora host is missing a security update.
File : fedora_2009-9405.nasl - Type : ACT_GATHER_INFO
2009-09-08Name : The remote VoIP service is susceptible to a denial of service attack.
File : asterisk_iax2_call_number_dos.nasl - Type : ACT_GATHER_INFO
2009-05-04Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200905-01.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Fedora host is missing a security update.
File : fedora_2009-0984.nasl - Type : ACT_GATHER_INFO
2009-02-13Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-0973.nasl - Type : ACT_GATHER_INFO
2008-08-15Name : The remote openSUSE host is missing a security update.
File : suse_asterisk-5524.nasl - Type : ACT_GATHER_INFO
2008-05-07Name : It is possible to bypass authentication and make calls using the remote VoIP ...
File : asterisk_sip_auth_bypass.nasl - Type : ACT_ATTACK
2008-05-06Name : The remote VoIP service can be abused to conduct an amplification attack agai...
File : asterisk_iax2_spoofed_handshake.nasl - Type : ACT_ATTACK
2008-05-02Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1563.nasl - Type : ACT_GATHER_INFO
2008-05-01Name : The remote Fedora host is missing a security update.
File : fedora_2008-3365.nasl - Type : ACT_GATHER_INFO
2008-05-01Name : The remote Fedora host is missing a security update.
File : fedora_2008-3390.nasl - Type : ACT_GATHER_INFO