This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:asterisk:open_source:1.2.7.1:netsec
Detail
VendorAsteriskFirst view 2008-04-23
ProductOpen SourceLast view 2009-09-08
Version1.2.7.1TypeApplication
Edition 
Language 
Updatenetsec 
 
CPE Productcpe:/a:asterisk:open_source

Activity : Yearly

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentification
7.82009-09-08CVE-2009-2346NetworkLowNone Requ...
7.82009-08-12CVE-2009-2726NetworkLowNone Requ...
7.12008-04-23CVE-2008-1923NetworkMediumNone Requ...
4.32008-04-23CVE-2008-1897NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
25% (1)CWE-399Resource Management Errors
25% (1)CWE-287Improper Authentication
25% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
25% (1)CWE-16Configuration

CAPEC : Common Attack Pattern Enumeration & Classificatio

idName
CAPEC-2Inducing Account Lockout
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-99XML Parser Attack
CAPEC-119Resource Depletion
CAPEC-121Locate and Exploit Test APIs
Hide | Show 7 More...
idName
CAPEC-125Resource Depletion through Flooding
CAPEC-130Resource Depletion through Allocation
CAPEC-147XML Ping of Death
CAPEC-197XEE (XML Entity Expansion)
CAPEC-227Denial of Service through Resource Depletion
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message
CAPEC-229XML Attribute Blowup

Open Source Vulnerability Database (OSVDB)

idDescription
57762Asterisk IAX2 Call Number Resource Exhaustion Remote DoS
56991Asterisk Multiple Function Maximum Width Handling Remote DoS
44649Asterisk Open Source IAX2 Channel Driver (chan_iax2) Spoofed ACK Response Han...
44648Asterisk IAX2 Channel Driver (chan_iax2) Spoofed NEW Message Remote DoS