This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:digium:asterisk:1.4.2
Detail
VendorDigiumFirst view 2007-10-12
ProductAsteriskLast view2014-11-24
Version1.4.2TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:digium:asterisk

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
52014-11-24CVE-2014-8416NetworkLowNone Requ...
52014-11-24CVE-2014-8415NetworkLowNone Requ...
7.52014-11-24CVE-2014-8413NetworkLowNone Requ...
4.32014-06-17CVE-2014-4048NetworkMediumNone Requ...
4.32012-09-18CVE-2012-1183NetworkMediumNone Requ...
Hide | Show 14 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52011-12-14CVE-2011-4597NetworkLowNone Requ...
52011-07-06CVE-2011-2666NetworkLowNone Requ...
52011-07-06CVE-2011-2536NetworkLowNone Requ...
52011-07-06CVE-2011-2535NetworkLowNone Requ...
92011-04-26CVE-2011-1599NetworkLowRequires ...
52011-04-26CVE-2011-1507NetworkLowNone Requ...
6.82011-03-15CVE-2011-1147NetworkMediumNone Requ...
62011-01-20CVE-2011-0495NetworkMediumRequires ...
52010-02-23CVE-2010-0685NetworkLowNone Requ...
52009-12-02CVE-2009-4055NetworkLowNone Requ...
52009-11-10CVE-2009-3727NetworkLowNone Requ...
7.52007-11-29CVE-2007-6171NetworkLowNone Requ...
6.52007-11-29CVE-2007-6170NetworkLowRequires ...
6.82007-10-12CVE-2007-5358NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
25% (4)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
25% (4)CWE-20Improper Input Validation
18% (3)CWE-200Information Exposure
12% (2)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
6% (1)CWE-399Resource Management Errors
Hide | Show 2 More...
%idName
6% (1)CWE-264Permissions, Privileges, and Access Controls
6% (1)CWE-16Configuration

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:12914DSA-2225-1 asterisk -- several
oval:org.mitre.oval:def:12470DSA-2171-1 asterisk -- buffer overflow
oval:org.mitre.oval:def:13073DSA-2276-1 asterisk -- multiple denial of service
oval:org.mitre.oval:def:12933DSA-2276-2 asterisk -- multiple denial of service
oval:org.mitre.oval:def:18041DSA-1417-1 asterisk - SQL injection
Hide | Show 1 More...
idName
oval:org.mitre.oval:def:18445DSA-2493-1 asterisk - denial of service

Open Source Vulnerability Database (OSVDB)

idDescription
77597Asterisk Request Response Port SIP Peer Enumeration
74352Asterisk SIP Channel Driver Default Configuration Invalid SIP Request Usernam...
73434Asterisk Multiple Products Manager Interface manager.c Originate Action Remot...
73433Asterisk Multiple Products Unauthenticated Session Connection Saturation Remo...
73309Asterisk channels/chan_iax2.c iax2_setoption() Function Invalid Pointer DoS
Hide | Show 10 More...
idDescription
73257Asterisk SIP Multiple Message Response Username Enumeration
70968Asterisk main/udptl.c Multiple Function UPDTL Packet Handling Overflow
70518Asterisk main/utils.c ast_uri_encode() Function Caller ID Information Overflow
62451Asterisk Dialplan Wildcard Pattern Configuration Manipulation
60569Asterisk rtp.c RTP Comfort Noise Payload Remote DoS
59697Asterisk SIP REGISTER Response Username Enumeration Weakness
38933Asterisk Postgres Realtime Engine SQL Injection
38932Asterisk Call Detail Record Postgres Multiple Strings SQL Injection
38202Asterisk IMAP Voicemail Backend Crafted Fields Local Overflow
38201Asterisk IMAP Voicemail Backend Crafted Content Header Remote Overflow

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-08-30Name : Fedora Update for asterisk FEDORA-2012-4230
File : nvt/gb_fedora_2012_4230_asterisk_fc17.nasl
2012-08-30Name : Fedora Update for asterisk FEDORA-2012-6704
File : nvt/gb_fedora_2012_6704_asterisk_fc17.nasl
2012-08-10Name : Debian Security Advisory DSA 2493-1 (asterisk)
File : nvt/deb_2493_1.nasl
2012-05-04Name : Fedora Update for asterisk FEDORA-2012-6612
File : nvt/gb_fedora_2012_6612_asterisk_fc16.nasl
2012-04-30Name : Gentoo Security Advisory GLSA 201203-21 (Asterisk)
File : nvt/glsa_201203_21.nasl
Hide | Show 20 More...
idDescription
2012-04-30Name : Debian Security Advisory DSA 2460-1 (asterisk)
File : nvt/deb_2460_1.nasl
2012-04-02Name : Fedora Update for asterisk FEDORA-2012-4259
File : nvt/gb_fedora_2012_4259_asterisk_fc15.nasl
2012-04-02Name : Fedora Update for asterisk FEDORA-2012-4318
File : nvt/gb_fedora_2012_4318_asterisk_fc16.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201110-21 (Asterisk)
File : nvt/glsa_201110_21.nasl
2012-02-11Name : Debian Security Advisory DSA 2367-1 (asterisk)
File : nvt/deb_2367_1.nasl
2011-08-03Name : FreeBSD Ports: asterisk14
File : nvt/freebsd_asterisk142.nasl
2011-08-03Name : Debian Security Advisory DSA 2276-1 (asterisk)
File : nvt/deb_2276_1.nasl
2011-08-03Name : Debian Security Advisory DSA 2276-2 (asterisk)
File : nvt/deb_2276_2.nasl
2011-07-18Name : Fedora Update for asterisk FEDORA-2011-8914
File : nvt/gb_fedora_2011_8914_asterisk_fc14.nasl
2011-05-17Name : Fedora Update for asterisk FEDORA-2011-6225
File : nvt/gb_fedora_2011_6225_asterisk_fc14.nasl
2011-05-12Name : FreeBSD Ports: asterisk14
File : nvt/freebsd_asterisk141.nasl
2011-05-12Name : Debian Security Advisory DSA 2225-1 (asterisk)
File : nvt/deb_2225_1.nasl
2011-05-10Name : Fedora Update for asterisk FEDORA-2011-6208
File : nvt/gb_fedora_2011_6208_asterisk_fc13.nasl
2011-03-15Name : Fedora Update for asterisk FEDORA-2011-2438
File : nvt/gb_fedora_2011_2438_asterisk_fc14.nasl
2011-03-15Name : Fedora Update for asterisk FEDORA-2011-2558
File : nvt/gb_fedora_2011_2558_asterisk_fc13.nasl
2011-03-09Name : Debian Security Advisory DSA 2171-1 (asterisk)
File : nvt/deb_2171_1.nasl
2011-03-09Name : Gentoo Security Advisory GLSA 201006-20 (asterisk)
File : nvt/glsa_201006_20.nasl
2011-03-05Name : FreeBSD Ports: asterisk14
File : nvt/freebsd_asterisk140.nasl
2011-02-04Name : Fedora Update for asterisk FEDORA-2011-0774
File : nvt/gb_fedora_2011_0774_asterisk_fc14.nasl
2011-02-04Name : Fedora Update for asterisk FEDORA-2011-0794
File : nvt/gb_fedora_2011_0794_asterisk_fc13.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2014-A-0085Multiple Vulnerabilities in Asterisk Products
Severity : Category I - VMSKEY : V0052633

Snort® IPS/IDS

DateDescription
2014-01-10Digium Asterisk RTP comfort noise denial of service attempt
RuleID : 24270 - Type : PROTOCOL-VOIP - Revision : 2
2014-01-10Digium Asterisk UDPTL processing overflow attempt
RuleID : 19167 - Type : PROTOCOL-VOIP - Revision : 9

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2014-11-25Name : The version of Asterisk running on the remote host may be affected by multipl...
File : asterisk_ast_2014_013.nasl - Type : ACT_GATHER_INFO
2014-06-17Name : The version of Asterisk running on the remote may be affected by multiple den...
File : asterisk_ast_2014_008.nasl - Type : ACT_GATHER_INFO
2012-06-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2493.nasl - Type : ACT_GATHER_INFO
2012-06-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201203-21.nasl - Type : ACT_GATHER_INFO
2012-05-07Name : The remote Fedora host is missing a security update.
File : fedora_2012-6704.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2012-05-04Name : The remote Fedora host is missing a security update.
File : fedora_2012-6612.nasl - Type : ACT_GATHER_INFO
2012-04-26Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2460.nasl - Type : ACT_GATHER_INFO
2012-04-12Name : The remote Fedora host is missing a security update.
File : fedora_2012-4230.nasl - Type : ACT_GATHER_INFO
2012-04-02Name : The remote Fedora host is missing a security update.
File : fedora_2012-4259.nasl - Type : ACT_GATHER_INFO
2012-04-02Name : The remote Fedora host is missing a security update.
File : fedora_2012-4318.nasl - Type : ACT_GATHER_INFO
2012-03-22Name : The version of Asterisk running on the remote host may be affected by a denia...
File : asterisk_ast_2012_002.nasl - Type : ACT_GATHER_INFO
2012-01-12Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2367.nasl - Type : ACT_GATHER_INFO
2011-12-14Name : The version of Asterisk running on the remote host may be affected by multipl...
File : asterisk_ast_2011_014.nasl - Type : ACT_GATHER_INFO
2011-12-09Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_bb38913721fb11e189b4001ec9578670.nasl - Type : ACT_GATHER_INFO
2011-11-22Name : The version of Asterisk running on the remote host may be affected by an info...
File : asterisk_ast_2011_011.nasl - Type : ACT_GATHER_INFO
2011-10-25Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201110-21.nasl - Type : ACT_GATHER_INFO
2011-07-13Name : The remote Fedora host is missing a security update.
File : fedora_2011-8914.nasl - Type : ACT_GATHER_INFO
2011-07-12Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2276.nasl - Type : ACT_GATHER_INFO
2011-06-29Name : The version of Asterisk running on the remote host may be affected by multipl...
File : asterisk_ast_2011_010.nasl - Type : ACT_GATHER_INFO
2011-06-27Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_40544e8c9f7b11e09bec6c626dd55a41.nasl - Type : ACT_GATHER_INFO
2011-05-17Name : The remote Fedora host is missing a security update.
File : fedora_2011-6225.nasl - Type : ACT_GATHER_INFO
2011-05-09Name : The remote Fedora host is missing a security update.
File : fedora_2011-6208.nasl - Type : ACT_GATHER_INFO
2011-04-27Name : The remote Fedora host is missing a security update.
File : fedora_2011-5835.nasl - Type : ACT_GATHER_INFO
2011-04-27Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2225.nasl - Type : ACT_GATHER_INFO
2011-04-25Name : The version of Asterisk running on the remote host may be affected by multipl...
File : asterisk_ast_2011_006.nasl - Type : ACT_GATHER_INFO