This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:asterisk:open_source
Detail
VendorAsteriskFirst view 2007-12-19
ProductOpen SourceLast view2017-06-02
VersionTypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:asterisk:open_source:1.2.1813
cpe:/a:asterisk:open_source:1.2.26.213
cpe:/a:asterisk:open_source:1.2.1713
cpe:/a:asterisk:open_source:1.2.2513
cpe:/a:asterisk:open_source:1.2.1013
Hide | Show 45 More...
CPE NameAffected CVE
cpe:/a:asterisk:open_source:1.2.1313
cpe:/a:asterisk:open_source:1.2.26.113
cpe:/a:asterisk:open_source:1.2.2413
cpe:/a:asterisk:open_source:1.2.1513
cpe:/a:asterisk:open_source:1.2.2713
cpe:/a:asterisk:open_source:1.2.2813
cpe:/a:asterisk:open_source:1.2.1613
cpe:/a:asterisk:open_source:1.2.1113
cpe:/a:asterisk:open_source:1.2.2313
cpe:/a:asterisk:open_source:1.2.2213
cpe:/a:asterisk:open_source:1.2.2613
cpe:/a:asterisk:open_source:1.2.2113
cpe:/a:asterisk:open_source:1.2.1913
cpe:/a:asterisk:open_source:1.2.713
cpe:/a:asterisk:open_source:1.2.513
cpe:/a:asterisk:open_source:1.2.613
cpe:/a:asterisk:open_source:1.2.813
cpe:/a:asterisk:open_source:1.4.812
cpe:/a:asterisk:open_source:1.2.21.112
cpe:/a:asterisk:open_source:1.4.1212
cpe:/a:asterisk:open_source:1.4.1112
cpe:/a:asterisk:open_source:1.2.312
cpe:/a:asterisk:open_source:1.4.1312
cpe:/a:asterisk:open_source:1.2.26.1:netsec12
cpe:/a:asterisk:open_source:1.4.1012
cpe:/a:asterisk:open_source:1.2.2012
cpe:/a:asterisk:open_source:1.4.712
cpe:/a:asterisk:open_source:1.4.212
cpe:/a:asterisk:open_source:1.2.26.2:netsec12
cpe:/a:asterisk:open_source:1.4.112
cpe:/a:asterisk:open_source:1.2.1412
cpe:/a:asterisk:open_source:1.2.1212
cpe:/a:asterisk:open_source:1.4.912
cpe:/a:asterisk:open_source:1.2.112
cpe:/a:asterisk:open_source:1.2.212
cpe:/a:asterisk:open_source:1.4.412
cpe:/a:asterisk:open_source:1.2.12.112
cpe:/a:asterisk:open_source:1.4.512
cpe:/a:asterisk:open_source:1.2.26:netsec12
cpe:/a:asterisk:open_source:1.2.012
cpe:/a:asterisk:open_source:1.4.1412
cpe:/a:asterisk:open_source:1.4.312
cpe:/a:asterisk:open_source:1.4.1512
cpe:/a:asterisk:open_source:1.4.612
cpe:/a:asterisk:open_source:1.2.7.112

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
52017-06-02CVE-2017-9358NetworkLowNone Requ...
52013-04-01CVE-2013-2686NetworkLowNone Requ...
7.52013-04-01CVE-2013-2685NetworkLowNone Requ...
52013-04-01CVE-2013-2264NetworkLowNone Requ...
92012-08-31CVE-2012-2186NetworkLowRequires ...
Hide | Show 19 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
42012-06-02CVE-2012-2948NetworkLowRequires ...
6.52012-04-30CVE-2012-2416NetworkLowRequires ...
6.52012-04-30CVE-2012-2415NetworkLowRequires ...
6.52012-04-30CVE-2012-2414NetworkLowRequires ...
4.32012-01-25CVE-2012-0885NetworkMediumNone Requ...
6.82011-10-21CVE-2011-4063NetworkLowRequires ...
7.82009-09-08CVE-2009-2346NetworkLowNone Requ...
7.82009-08-12CVE-2009-2726NetworkLowNone Requ...
52009-01-14CVE-2009-0041NetworkLowNone Requ...
4.32008-12-17CVE-2008-5558NetworkMediumNone Requ...
7.82008-07-24CVE-2008-3264NetworkLowNone Requ...
4.32008-06-04CVE-2008-2119NetworkMediumNone Requ...
7.12008-04-23CVE-2008-1923NetworkMediumNone Requ...
4.32008-04-23CVE-2008-1897NetworkMediumNone Requ...
7.52008-03-24CVE-2008-1289NetworkLowNone Requ...
5.82008-03-19CVE-2008-1333NetworkMediumNone Requ...
8.82008-03-19CVE-2008-1332NetworkMediumNone Requ...
52008-01-07CVE-2008-0095NetworkLowNone Requ...
4.32007-12-19CVE-2007-6430NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
28% (6)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
23% (5)CWE-287Improper Authentication
14% (3)CWE-399Resource Management Errors
9% (2)CWE-200Information Exposure
9% (2)CWE-20Improper Input Validation
Hide | Show 3 More...
%idName
4% (1)CWE-264Permissions, Privileges, and Access Controls
4% (1)CWE-134Uncontrolled Format String
4% (1)CWE-16Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-99XML Parser Attack
CAPEC-119Resource Depletion
CAPEC-121Locate and Exploit Test APIs
Hide | Show 7 More...
idName
CAPEC-125Resource Depletion through Flooding
CAPEC-130Resource Depletion through Allocation
CAPEC-147XML Ping of Death
CAPEC-197XEE (XML Entity Expansion)
CAPEC-227Denial of Service through Resource Depletion
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message
CAPEC-229XML Attribute Blowup

Open Source Vulnerability Database (OSVDB)

idDescription
78482Asterisk SRTP Video Stream Negotiation Remote DoS
76784Asterisk SIP Channel Driver chan_sip.c Uninitialized Variable Request Parsing...
57762Asterisk IAX2 Call Number Resource Exhaustion Remote DoS
56991Asterisk Multiple Function Maximum Width Handling Remote DoS
51373Asterisk IAX2 User Account Enumeration Weakness
Hide | Show 10 More...
idDescription
50675Asterisk IAX2 Realtime Hostname Handling User Authentication Remote DoS
47254Asterisk IAX2 FWDOWNL Request Spoofing Remote DoS
46014Asterisk Pedantic Parsing SIP INVITE Message Handling Remote DoS
44649Asterisk Open Source IAX2 Channel Driver (chan_iax2) Spoofed ACK Response Han...
44648Asterisk IAX2 Channel Driver (chan_iax2) Spoofed NEW Message Remote DoS
43416Asterisk RTP Payload Handling Multiple Remote Overflows
43415Asterisk SIP Channel Driver Unauthenticated Call Remote Privilege Escalation
43414Asterisk ast_verbose Logging API Manager command Format String
39841Asterisk BYE/Also Transfer Method DoS
39519Asterisk Host Based Registration Database Security Bypass

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-10-03Name : Debian Security Advisory DSA 2550-2 (asterisk)
File : nvt/deb_2550_2.nasl
2012-10-03Name : Gentoo Security Advisory GLSA 201209-15 (asterisk)
File : nvt/glsa_201209_15.nasl
2012-09-23Name : Debian Security Advisory DSA 2550-1 (asterisk)
File : nvt/deb_2550_1.nasl
2012-09-22Name : Fedora Update for asterisk FEDORA-2012-13338
File : nvt/gb_fedora_2012_13338_asterisk_fc17.nasl
2012-09-22Name : Fedora Update for asterisk FEDORA-2012-13437
File : nvt/gb_fedora_2012_13437_asterisk_fc16.nasl
Hide | Show 20 More...
idDescription
2012-08-30Name : FreeBSD Ports: asterisk
File : nvt/freebsd_asterisk2.nasl
2012-08-30Name : Fedora Update for asterisk FEDORA-2012-6704
File : nvt/gb_fedora_2012_6704_asterisk_fc17.nasl
2012-08-10Name : Debian Security Advisory DSA 2493-1 (asterisk)
File : nvt/deb_2493_1.nasl
2012-08-10Name : FreeBSD Ports: asterisk10
File : nvt/freebsd_asterisk10.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-05 (Asterisk)
File : nvt/glsa_201206_05.nasl
2012-06-19Name : SIP channel driver in Asterisk suffers remote crash vulnerability
File : nvt/nopsec_asterisk_ast_2012_006.nasl
2012-05-31Name : FreeBSD Ports: asterisk16
File : nvt/freebsd_asterisk161.nasl
2012-05-08Name : Fedora Update for asterisk FEDORA-2012-6724
File : nvt/gb_fedora_2012_6724_asterisk_fc15.nasl
2012-05-04Name : Fedora Update for asterisk FEDORA-2012-6612
File : nvt/gb_fedora_2012_6612_asterisk_fc16.nasl
2012-04-30Name : FreeBSD Ports: asterisk16
File : nvt/freebsd_asterisk160.nasl
2012-04-30Name : Debian Security Advisory DSA 2460-1 (asterisk)
File : nvt/deb_2460_1.nasl
2012-04-02Name : Fedora Update for asterisk FEDORA-2011-14480
File : nvt/gb_fedora_2011_14480_asterisk_fc16.nasl
2012-03-12Name : Gentoo Security Advisory GLSA 201202-06 (asterisk)
File : nvt/glsa_201202_06.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201110-21 (Asterisk)
File : nvt/glsa_201110_21.nasl
2011-11-11Name : Fedora Update for asterisk FEDORA-2011-14538
File : nvt/gb_fedora_2011_14538_asterisk_fc15.nasl
2011-03-09Name : Gentoo Security Advisory GLSA 201006-20 (asterisk)
File : nvt/glsa_201006_20.nasl
2009-12-30Name : Debian Security Advisory DSA 1952-1 (asterisk)
File : nvt/deb_1952_1.nasl
2009-12-14Name : Fedora Core 10 FEDORA-2009-12461 (asterisk)
File : nvt/fcore_2009_12461.nasl
2009-12-03Name : Fedora Core 10 FEDORA-2009-11126 (asterisk)
File : nvt/fcore_2009_11126.nasl
2009-09-28Name : Fedora Core 10 FEDORA-2009-9374 (asterisk)
File : nvt/fcore_2009_9374.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-A-0070Multiple Vulnerabilities in Asterisk Products
Severity : Category I - VMSKEY : V0037603

Snort® IPS/IDS

DateDescription
2015-03-17Digium Asterisk SIP channel driver denial of service attempt
RuleID : 33445 - Type : PROTOCOL-VOIP - Revision : 2
2014-01-10Digium Asterisk SIP SDP header parsing stack buffer overflow attempt
RuleID : 26426 - Type : PROTOCOL-VOIP - Revision : 4
2014-01-10Digium Asterisk SIP SDP header parsing stack buffer overflow attempt
RuleID : 26425 - Type : PROTOCOL-VOIP - Revision : 4
2014-01-10Digium Asterisk oversized Content-Length memory corruption attempt
RuleID : 25276 - Type : SERVER-OTHER - Revision : 4
2014-01-10Digium Asterisk SCCP keypad button message denial of service attempt
RuleID : 24720 - Type : PROTOCOL-VOIP - Revision : 7
Hide | Show 17 More...
DateDescription
2014-01-10Digium Asterisk SCCP call state message offhook
RuleID : 24719 - Type : PROTOCOL-VOIP - Revision : 8
2014-01-10Digium Asterisk Manager command shell execution attempt
RuleID : 23210 - Type : PROTOCOL-VOIP - Revision : 9
2014-01-10Digium Asterisk Manager command shell execution attempt
RuleID : 23209 - Type : PROTOCOL-VOIP - Revision : 9
2014-01-10Digium Asterisk IAX2 call number denial of service
RuleID : 21608 - Type : PROTOCOL-VOIP - Revision : 4
2014-01-10Digium Asterisk channel driver denial of service attempt
RuleID : 21103 - Type : PROTOCOL-VOIP - Revision : 4
2014-01-10Digium Asterisk channel driver denial of service attempt
RuleID : 21102 - Type : PROTOCOL-VOIP - Revision : 4
2014-01-10Digium Asterisk channel driver denial of service attempt
RuleID : 21101 - Type : PROTOCOL-VOIP - Revision : 7
2014-01-10Digium Asterisk Attribute header rtpmap field buffer overflow attempt
RuleID : 20392 - Type : PROTOCOL-VOIP - Revision : 10
2014-01-10Digium Asterisk Attribute header rtpmap field buffer overflow attempt
RuleID : 20391 - Type : PROTOCOL-VOIP - Revision : 10
2014-01-10Attribute header rtpmap field invalid payload type
RuleID : 20390 - Type : PROTOCOL-VOIP - Revision : 9
2014-01-10Digium Asterisk IAX2 ack response denial of service attempt
RuleID : 16445 - Type : PROTOCOL-VOIP - Revision : 11
2014-01-10CSeq buffer overflow attempt
RuleID : 16351 - Type : PROTOCOL-VOIP - Revision : 11
2014-01-10Digium Asterisk SIP sscanf denial of service attempt
RuleID : 16212 - Type : DOS - Revision : 2
2014-01-10Digium Asterisk SIP sscanf denial of service attempt
RuleID : 16211 - Type : DOS - Revision : 2
2014-01-10Digium Asterisk SIP sscanf denial of service attempt
RuleID : 16210 - Type : DOS - Revision : 2
2014-01-10Attribute header rtpmap field invalid payload type
RuleID : 13693 - Type : PROTOCOL-VOIP - Revision : 12
2014-01-10CSeq buffer overflow attempt
RuleID : 11971 - Type : PROTOCOL-VOIP - Revision : 8

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2014-01-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-15.nasl - Type : ACT_GATHER_INFO
2013-04-20Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-140.nasl - Type : ACT_GATHER_INFO
2013-04-10Name : A telephony application running on the remote host is affected by a buffer ov...
File : asterisk_ast_2013_001.nasl - Type : ACT_GATHER_INFO
2013-04-10Name : A telephony application running on the remote host is affected by a denial of...
File : asterisk_ast_2013_002.nasl - Type : ACT_GATHER_INFO
2013-04-10Name : A telephony application running on the remote host is affected by an informat...
File : asterisk_ast_2013_003.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2013-04-08Name : The remote Fedora host is missing a security update.
File : fedora_2013-4528.nasl - Type : ACT_GATHER_INFO
2013-04-08Name : The remote Fedora host is missing a security update.
File : fedora_2013-4566.nasl - Type : ACT_GATHER_INFO
2013-04-08Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_daf0a339985011e2879ed43d7e0c7c02.nasl - Type : ACT_GATHER_INFO
2012-09-27Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201209-15.nasl - Type : ACT_GATHER_INFO
2012-09-19Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2550.nasl - Type : ACT_GATHER_INFO
2012-09-18Name : The remote Fedora host is missing a security update.
File : fedora_2012-13286.nasl - Type : ACT_GATHER_INFO
2012-09-18Name : The remote Fedora host is missing a security update.
File : fedora_2012-13338.nasl - Type : ACT_GATHER_INFO
2012-09-18Name : The remote Fedora host is missing a security update.
File : fedora_2012-13437.nasl - Type : ACT_GATHER_INFO
2012-09-06Name : A telephony application running on the remote host is affected by a security ...
File : asterisk_ast_2012_012.nasl - Type : ACT_GATHER_INFO
2012-08-31Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_4c53f007f2ed11e1a21514dae9ebcf89.nasl - Type : ACT_GATHER_INFO
2012-06-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2493.nasl - Type : ACT_GATHER_INFO
2012-06-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201206-05.nasl - Type : ACT_GATHER_INFO
2012-06-14Name : A telephony application running on the remote host is affected by a denial of...
File : asterisk_ast_2012_008.nasl - Type : ACT_GATHER_INFO
2012-05-30Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_359f615da9e111e18a6614dae9ebcf89.nasl - Type : ACT_GATHER_INFO
2012-05-07Name : The remote Fedora host is missing a security update.
File : fedora_2012-6704.nasl - Type : ACT_GATHER_INFO
2012-05-07Name : The remote Fedora host is missing a security update.
File : fedora_2012-6724.nasl - Type : ACT_GATHER_INFO
2012-05-04Name : The remote Fedora host is missing a security update.
File : fedora_2012-6612.nasl - Type : ACT_GATHER_INFO
2012-04-27Name : A telephony application running on the remote host is affected by a privilege...
File : asterisk_ast_2012_004.nasl - Type : ACT_GATHER_INFO
2012-04-27Name : A telephony application running on the remote host is affected by a heap-base...
File : asterisk_ast_2012_005.nasl - Type : ACT_GATHER_INFO
2012-04-27Name : A telephony application running on the remote host is affected by a denial of...
File : asterisk_ast_2012_006.nasl - Type : ACT_GATHER_INFO