This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:asterisk:asterisknow:beta_5
Detail
VendorAsteriskFirst view 2007-07-18
ProductAsterisknowLast view2008-07-24
Versionbeta_5TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:asterisk:asterisknow

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
7.82008-07-24CVE-2008-3264NetworkLowNone Requ...
7.12008-04-23CVE-2008-1923NetworkMediumNone Requ...
4.32008-04-23CVE-2008-1897NetworkMediumNone Requ...
9.32008-03-24CVE-2008-1390NetworkMediumNone Requ...
7.52008-03-24CVE-2008-1289NetworkLowNone Requ...
Hide | Show 8 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
8.82008-03-19CVE-2008-1332NetworkMediumNone Requ...
52008-01-07CVE-2008-0095NetworkLowNone Requ...
52007-08-21CVE-2007-4455NetworkLowNone Requ...
3.52007-08-09CVE-2007-4280NetworkMediumRequires ...
52007-07-18CVE-2007-3765NetworkLowNone Requ...
52007-07-18CVE-2007-3764NetworkLowNone Requ...
52007-07-18CVE-2007-3763NetworkLowNone Requ...
9.32007-07-18CVE-2007-3762NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
28% (2)CWE-287Improper Authentication
14% (1)CWE-399Resource Management Errors
14% (1)CWE-264Permissions, Privileges, and Access Controls
14% (1)CWE-255Credentials Management
14% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
Hide | Show 1 More...
%idName
14% (1)CWE-16Configuration

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:7422DSA-1563 asterisk -- programming error
oval:org.mitre.oval:def:20041DSA-1563-1 asterisk - denial of service
oval:org.mitre.oval:def:18250DSA-1358-1 asterisk

Open Source Vulnerability Database (OSVDB)

idDescription
47254Asterisk IAX2 FWDOWNL Request Spoofing Remote DoS
44649Asterisk Open Source IAX2 Channel Driver (chan_iax2) Spoofed ACK Response Han...
44648Asterisk IAX2 Channel Driver (chan_iax2) Spoofed NEW Message Remote DoS
43416Asterisk RTP Payload Handling Multiple Remote Overflows
43415Asterisk SIP Channel Driver Unauthenticated Call Remote Privilege Escalation
Hide | Show 8 More...
idDescription
43413Asterisk HTTP Manager ID Prediction Weakness
39841Asterisk BYE/Also Transfer Method DoS
38199Asterisk SIP Channel Driver (chan_sip) Malformed SIP Dialog Remote DoS
38198Asterisk Skinny Channel Driver (chan_skinny) Malformed CAPABILITIES_RES_MESSA...
38196Asterisk IAX2 Channel Driver (chan_iax2) RTP Frame Handling Remote Overflow
38195Asterisk IAX2 Channel Driver (chan_iax2) Malformed IAX Frame Remote DoS
38194Asterisk Skinny Channel Driver (chan_skinny) Crafted Packet Remote DoS
38193Asterisk STUN Implementation RPT Port Malformed STUN Packet Remote DoS

OpenVAS Exploits

idDescription
2009-05-05Name : Gentoo Security Advisory GLSA 200905-01 (asterisk)
File : nvt/glsa_200905_01.nasl
2009-02-17Name : Fedora Update for asterisk FEDORA-2008-6676
File : nvt/gb_fedora_2008_6676_asterisk_fc8.nasl
2009-02-17Name : Fedora Update for asterisk FEDORA-2008-6853
File : nvt/gb_fedora_2008_6853_asterisk_fc9.nasl
2009-02-17Name : Fedora Update for asterisk FEDORA-2008-3365
File : nvt/gb_fedora_2008_3365_asterisk_fc7.nasl
2009-02-17Name : Fedora Update for asterisk FEDORA-2008-3390
File : nvt/gb_fedora_2008_3390_asterisk_fc8.nasl
Hide | Show 9 More...
idDescription
2009-02-17Name : Fedora Update for asterisk FEDORA-2008-0198
File : nvt/gb_fedora_2008_0198_asterisk_fc7.nasl
2009-02-17Name : Fedora Update for asterisk FEDORA-2008-0199
File : nvt/gb_fedora_2008_0199_asterisk_fc8.nasl
2009-02-16Name : Fedora Update for asterisk FEDORA-2008-2554
File : nvt/gb_fedora_2008_2554_asterisk_fc8.nasl
2009-02-16Name : Fedora Update for asterisk FEDORA-2008-2620
File : nvt/gb_fedora_2008_2620_asterisk_fc7.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200802-11 (asterisk)
File : nvt/glsa_200802_11.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200804-13 (asterisk)
File : nvt/glsa_200804_13.nasl
2008-05-12Name : Debian Security Advisory DSA 1563-1 (asterisk)
File : nvt/deb_1563_1.nasl
2008-03-27Name : Debian Security Advisory DSA 1525-1 (asterisk)
File : nvt/deb_1525_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1358-1 (asterisk)
File : nvt/deb_1358_1.nasl

Snort® IPS/IDS

DateDescription
2015-03-17Digium Asterisk SIP channel driver denial of service attempt
RuleID : 33445 - Type : PROTOCOL-VOIP - Revision : 2
2014-01-10Digium Asterisk IAX2 Channel Driver DoS attempt
RuleID : 21768 - Type : PROTOCOL-VOIP - Revision : 3
2014-01-10Digium Asterisk IAX2 Channel Driver DoS attempt
RuleID : 21767 - Type : PROTOCOL-VOIP - Revision : 3
2014-01-10Digium Asterisk SCCP overly large mem copy attempt
RuleID : 21673 - Type : PROTOCOL-VOIP - Revision : 4
2014-01-10Digium Asterisk SCCP capabilities response message capabilities count overflo...
RuleID : 21672 - Type : PROTOCOL-VOIP - Revision : 4
Hide | Show 5 More...
DateDescription
2014-01-10Digium Asterisk Attribute header rtpmap field buffer overflow attempt
RuleID : 20392 - Type : PROTOCOL-VOIP - Revision : 10
2014-01-10Digium Asterisk Attribute header rtpmap field buffer overflow attempt
RuleID : 20391 - Type : PROTOCOL-VOIP - Revision : 10
2014-01-10Attribute header rtpmap field invalid payload type
RuleID : 20390 - Type : PROTOCOL-VOIP - Revision : 9
2014-01-10Digium Asterisk IAX2 ack response denial of service attempt
RuleID : 16445 - Type : PROTOCOL-VOIP - Revision : 11
2014-01-10Attribute header rtpmap field invalid payload type
RuleID : 13693 - Type : PROTOCOL-VOIP - Revision : 12

Nessus® Vulnerability Scanner

idDescription
2009-05-04Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200905-01.nasl - Type : ACT_GATHER_INFO
2008-08-15Name : The remote openSUSE host is missing a security update.
File : suse_asterisk-5524.nasl - Type : ACT_GATHER_INFO
2008-07-31Name : The remote Fedora host is missing a security update.
File : fedora_2008-6853.nasl - Type : ACT_GATHER_INFO
2008-07-24Name : The remote VoIP service can be abused to conduct an amplification attack agai...
File : asterisk_iax2_spoofed_fwdownl.nasl - Type : ACT_ATTACK
2008-07-24Name : The remote Fedora host is missing a security update.
File : fedora_2008-6676.nasl - Type : ACT_GATHER_INFO
Hide | Show 15 More...
idDescription
2008-05-07Name : It is possible to bypass authentication and make calls using the remote VoIP ...
File : asterisk_sip_auth_bypass.nasl - Type : ACT_ATTACK
2008-05-06Name : The remote VoIP service can be abused to conduct an amplification attack agai...
File : asterisk_iax2_spoofed_handshake.nasl - Type : ACT_ATTACK
2008-05-02Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1563.nasl - Type : ACT_GATHER_INFO
2008-05-01Name : The remote Fedora host is missing a security update.
File : fedora_2008-3365.nasl - Type : ACT_GATHER_INFO
2008-05-01Name : The remote Fedora host is missing a security update.
File : fedora_2008-3390.nasl - Type : ACT_GATHER_INFO
2008-04-17Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200804-13.nasl - Type : ACT_GATHER_INFO
2008-04-17Name : The remote openSUSE host is missing a security update.
File : suse_asterisk-5169.nasl - Type : ACT_GATHER_INFO
2008-03-26Name : The remote Fedora host is missing a security update.
File : fedora_2008-2554.nasl - Type : ACT_GATHER_INFO
2008-03-26Name : The remote Fedora host is missing a security update.
File : fedora_2008-2620.nasl - Type : ACT_GATHER_INFO
2008-03-21Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1525.nasl - Type : ACT_GATHER_INFO
2008-02-27Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200802-11.nasl - Type : ACT_GATHER_INFO
2008-01-04Name : The remote Fedora host is missing a security update.
File : fedora_2008-0198.nasl - Type : ACT_GATHER_INFO
2008-01-04Name : The remote Fedora host is missing a security update.
File : fedora_2008-0199.nasl - Type : ACT_GATHER_INFO
2007-10-17Name : The remote openSUSE host is missing a security update.
File : suse_asterisk-3977.nasl - Type : ACT_GATHER_INFO
2007-08-28Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1358.nasl - Type : ACT_GATHER_INFO