This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:digium:asterisk:1.4.25
Detail
VendorDigiumFirst view 2009-11-10
ProductAsteriskLast view2014-11-24
Version1.4.25TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:digium:asterisk

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
92014-11-24CVE-2014-8418NetworkLowRequires ...
6.52014-11-24CVE-2014-8417NetworkLowRequires ...
52014-11-24CVE-2014-8416NetworkLowNone Requ...
52014-11-24CVE-2014-8415NetworkLowNone Requ...
52014-11-24CVE-2014-8414NetworkLowNone Requ...
Hide | Show 17 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.52014-11-24CVE-2014-8413NetworkLowNone Requ...
52014-11-24CVE-2014-8412NetworkLowNone Requ...
4.32014-06-17CVE-2014-4048NetworkMediumNone Requ...
4.32013-01-04CVE-2012-5977NetworkMediumNone Requ...
52013-01-04CVE-2012-5976NetworkLowNone Requ...
4.32012-09-18CVE-2012-1183NetworkMediumNone Requ...
52011-12-14CVE-2011-4597NetworkLowNone Requ...
52011-07-06CVE-2011-2666NetworkLowNone Requ...
52011-07-06CVE-2011-2536NetworkLowNone Requ...
52011-07-06CVE-2011-2535NetworkLowNone Requ...
92011-04-26CVE-2011-1599NetworkLowRequires ...
52011-04-26CVE-2011-1507NetworkLowNone Requ...
6.82011-03-15CVE-2011-1147NetworkMediumNone Requ...
62011-01-20CVE-2011-0495NetworkMediumRequires ...
52010-02-23CVE-2010-0685NetworkLowNone Requ...
52009-12-02CVE-2009-4055NetworkLowNone Requ...
52009-11-10CVE-2009-3727NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
26% (5)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
21% (4)CWE-264Permissions, Privileges, and Access Controls
21% (4)CWE-20Improper Input Validation
15% (3)CWE-200Information Exposure
10% (2)CWE-399Resource Management Errors
Hide | Show 1 More...
%idName
5% (1)CWE-16Configuration

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:12914DSA-2225-1 asterisk -- several
oval:org.mitre.oval:def:12470DSA-2171-1 asterisk -- buffer overflow
oval:org.mitre.oval:def:18564DSA-2605-1 asterisk - several issues
oval:org.mitre.oval:def:28902DSA-2605-2 -- asterisk -- several issues
oval:org.mitre.oval:def:13073DSA-2276-1 asterisk -- multiple denial of service
Hide | Show 2 More...
idName
oval:org.mitre.oval:def:12933DSA-2276-2 asterisk -- multiple denial of service
oval:org.mitre.oval:def:18445DSA-2493-1 asterisk - denial of service

Open Source Vulnerability Database (OSVDB)

idDescription
77597Asterisk Request Response Port SIP Peer Enumeration
74352Asterisk SIP Channel Driver Default Configuration Invalid SIP Request Usernam...
73434Asterisk Multiple Products Manager Interface manager.c Originate Action Remot...
73433Asterisk Multiple Products Unauthenticated Session Connection Saturation Remo...
73309Asterisk channels/chan_iax2.c iax2_setoption() Function Invalid Pointer DoS
Hide | Show 6 More...
idDescription
73257Asterisk SIP Multiple Message Response Username Enumeration
70968Asterisk main/udptl.c Multiple Function UPDTL Packet Handling Overflow
70518Asterisk main/utils.c ast_uri_encode() Function Caller ID Information Overflow
62451Asterisk Dialplan Wildcard Pattern Configuration Manipulation
60569Asterisk rtp.c RTP Comfort Noise Payload Remote DoS
59697Asterisk SIP REGISTER Response Username Enumeration Weakness

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-08-30Name : Fedora Update for asterisk FEDORA-2012-4230
File : nvt/gb_fedora_2012_4230_asterisk_fc17.nasl
2012-08-30Name : Fedora Update for asterisk FEDORA-2012-6704
File : nvt/gb_fedora_2012_6704_asterisk_fc17.nasl
2012-08-10Name : Debian Security Advisory DSA 2493-1 (asterisk)
File : nvt/deb_2493_1.nasl
2012-05-04Name : Fedora Update for asterisk FEDORA-2012-6612
File : nvt/gb_fedora_2012_6612_asterisk_fc16.nasl
2012-04-30Name : Gentoo Security Advisory GLSA 201203-21 (Asterisk)
File : nvt/glsa_201203_21.nasl
Hide | Show 20 More...
idDescription
2012-04-30Name : Debian Security Advisory DSA 2460-1 (asterisk)
File : nvt/deb_2460_1.nasl
2012-04-02Name : Fedora Update for asterisk FEDORA-2012-4259
File : nvt/gb_fedora_2012_4259_asterisk_fc15.nasl
2012-04-02Name : Fedora Update for asterisk FEDORA-2012-4318
File : nvt/gb_fedora_2012_4318_asterisk_fc16.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201110-21 (Asterisk)
File : nvt/glsa_201110_21.nasl
2012-02-11Name : Debian Security Advisory DSA 2367-1 (asterisk)
File : nvt/deb_2367_1.nasl
2011-08-03Name : FreeBSD Ports: asterisk14
File : nvt/freebsd_asterisk142.nasl
2011-08-03Name : Debian Security Advisory DSA 2276-1 (asterisk)
File : nvt/deb_2276_1.nasl
2011-08-03Name : Debian Security Advisory DSA 2276-2 (asterisk)
File : nvt/deb_2276_2.nasl
2011-07-18Name : Fedora Update for asterisk FEDORA-2011-8914
File : nvt/gb_fedora_2011_8914_asterisk_fc14.nasl
2011-05-17Name : Fedora Update for asterisk FEDORA-2011-6225
File : nvt/gb_fedora_2011_6225_asterisk_fc14.nasl
2011-05-12Name : FreeBSD Ports: asterisk14
File : nvt/freebsd_asterisk141.nasl
2011-05-12Name : Debian Security Advisory DSA 2225-1 (asterisk)
File : nvt/deb_2225_1.nasl
2011-05-10Name : Fedora Update for asterisk FEDORA-2011-6208
File : nvt/gb_fedora_2011_6208_asterisk_fc13.nasl
2011-03-15Name : Fedora Update for asterisk FEDORA-2011-2438
File : nvt/gb_fedora_2011_2438_asterisk_fc14.nasl
2011-03-15Name : Fedora Update for asterisk FEDORA-2011-2558
File : nvt/gb_fedora_2011_2558_asterisk_fc13.nasl
2011-03-09Name : Debian Security Advisory DSA 2171-1 (asterisk)
File : nvt/deb_2171_1.nasl
2011-03-09Name : Gentoo Security Advisory GLSA 201006-20 (asterisk)
File : nvt/glsa_201006_20.nasl
2011-03-05Name : FreeBSD Ports: asterisk14
File : nvt/freebsd_asterisk140.nasl
2011-02-04Name : Fedora Update for asterisk FEDORA-2011-0774
File : nvt/gb_fedora_2011_0774_asterisk_fc14.nasl
2011-02-04Name : Fedora Update for asterisk FEDORA-2011-0794
File : nvt/gb_fedora_2011_0794_asterisk_fc13.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2014-A-0085Multiple Vulnerabilities in Asterisk Products
Severity : Category I - VMSKEY : V0052633

Snort® IPS/IDS

DateDescription
2014-01-10Digium Asterisk oversized Content-Length memory corruption attempt
RuleID : 25276 - Type : SERVER-OTHER - Revision : 3
2014-01-10Digium Asterisk RTP comfort noise denial of service attempt
RuleID : 24270 - Type : PROTOCOL-VOIP - Revision : 2
2014-01-10Digium Asterisk UDPTL processing overflow attempt
RuleID : 19167 - Type : PROTOCOL-VOIP - Revision : 9

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2016-05-04Name : The remote Debian host is missing a security update.
File : debian_DLA-455.nasl - Type : ACT_GATHER_INFO
2014-12-29Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-51.nasl - Type : ACT_GATHER_INFO
2014-11-25Name : A telephony application running on the remote host is affected by multiple vu...
File : asterisk_ast_2014_012.nasl - Type : ACT_GATHER_INFO
2014-11-25Name : A telephony application running on the remote host is affected by multiple vu...
File : asterisk_ast_2014_013.nasl - Type : ACT_GATHER_INFO
2014-11-25Name : A telephony application running on the remote host is affected by a denial of...
File : asterisk_ast_2014_014.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2014-11-25Name : A telephony application running on the remote host is affected by a privilege...
File : asterisk_ast_2014_017.nasl - Type : ACT_GATHER_INFO
2014-11-24Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_7bfd797c716d11e4b008001999f8d30b.nasl - Type : ACT_GATHER_INFO
2014-11-24Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_a92ed304716c11e4b008001999f8d30b.nasl - Type : ACT_GATHER_INFO
2014-06-17Name : A telephony application running on the remote host is affected by multiple de...
File : asterisk_ast_2014_008.nasl - Type : ACT_GATHER_INFO
2014-01-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-15.nasl - Type : ACT_GATHER_INFO
2013-04-20Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-140.nasl - Type : ACT_GATHER_INFO
2013-02-20Name : A telephony application running on the remote host is affected by multiple vu...
File : asterisk_ast_2012_015.nasl - Type : ACT_GATHER_INFO
2013-01-31Name : The remote Fedora host is missing a security update.
File : fedora_2013-0992.nasl - Type : ACT_GATHER_INFO
2013-01-31Name : The remote Fedora host is missing a security update.
File : fedora_2013-0994.nasl - Type : ACT_GATHER_INFO
2013-01-31Name : The remote Fedora host is missing a security update.
File : fedora_2013-1003.nasl - Type : ACT_GATHER_INFO
2013-01-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2605.nasl - Type : ACT_GATHER_INFO
2013-01-04Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_f7c87a8a55d511e2a255c8600054b392.nasl - Type : ACT_GATHER_INFO
2012-06-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2493.nasl - Type : ACT_GATHER_INFO
2012-06-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201203-21.nasl - Type : ACT_GATHER_INFO
2012-05-07Name : The remote Fedora host is missing a security update.
File : fedora_2012-6704.nasl - Type : ACT_GATHER_INFO
2012-05-04Name : The remote Fedora host is missing a security update.
File : fedora_2012-6612.nasl - Type : ACT_GATHER_INFO
2012-04-26Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2460.nasl - Type : ACT_GATHER_INFO
2012-04-12Name : The remote Fedora host is missing a security update.
File : fedora_2012-4230.nasl - Type : ACT_GATHER_INFO
2012-04-02Name : The remote Fedora host is missing a security update.
File : fedora_2012-4259.nasl - Type : ACT_GATHER_INFO
2012-04-02Name : The remote Fedora host is missing a security update.
File : fedora_2012-4318.nasl - Type : ACT_GATHER_INFO