This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:asterisk:open_source:1.0.11 |
| Detail | |||
|---|---|---|---|
| Vendor | Asterisk | First view | 2008-01-07 |
| Product | Open Source | Last view | 2012-08-31 |
| Version | 1.0.11 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:asterisk:open_source | ||
Activity : Overall
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 9 | 2012-08-31 | CVE-2012-2186 | Network | Low | Requires ... | |
| 4 | 2012-06-02 | CVE-2012-2948 | Network | Low | Requires ... | |
| 5 | 2009-01-14 | CVE-2009-0041 | Network | Low | None Requ... | |
| 7.8 | 2008-07-24 | CVE-2008-3264 | Network | Low | None Requ... | |
| 4.3 | 2008-06-04 | CVE-2008-2119 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 7.1 | 2008-04-23 | CVE-2008-1923 | Network | Medium | None Requ... | |
| 4.3 | 2008-04-23 | CVE-2008-1897 | Network | Medium | None Requ... | |
| 7.5 | 2008-03-24 | CVE-2008-1289 | Network | Low | None Requ... | |
| 8.8 | 2008-03-19 | CVE-2008-1332 | Network | Medium | None Requ... | |
| 5 | 2008-01-07 | CVE-2008-0095 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 22% (2) | CWE-399 | Resource Management Errors |
| 22% (2) | CWE-287 | Improper Authentication |
| 11% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 11% (1) | CWE-200 | Information Exposure |
| 11% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| % | id | Name |
|---|---|---|
| 11% (1) | CWE-20 | Improper Input Validation |
| 11% (1) | CWE-16 | Configuration |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:7422 | DSA-1563 asterisk -- programming error |
| oval:org.mitre.oval:def:20041 | DSA-1563-1 asterisk - denial of service |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 51373 | Asterisk IAX2 User Account Enumeration Weakness |
| 47254 | Asterisk IAX2 FWDOWNL Request Spoofing Remote DoS |
| 46014 | Asterisk Pedantic Parsing SIP INVITE Message Handling Remote DoS |
| 44649 | Asterisk Open Source IAX2 Channel Driver (chan_iax2) Spoofed ACK Response Han... |
| 44648 | Asterisk IAX2 Channel Driver (chan_iax2) Spoofed NEW Message Remote DoS |
| id | Description |
|---|---|
| 43416 | Asterisk RTP Payload Handling Multiple Remote Overflows |
| 43415 | Asterisk SIP Channel Driver Unauthenticated Call Remote Privilege Escalation |
| 39841 | Asterisk BYE/Also Transfer Method DoS |
OpenVAS Exploits
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2012-10-03 | Name : Debian Security Advisory DSA 2550-2 (asterisk) File : nvt/deb_2550_2.nasl |
| 2012-10-03 | Name : Gentoo Security Advisory GLSA 201209-15 (asterisk) File : nvt/glsa_201209_15.nasl |
| 2012-09-23 | Name : Debian Security Advisory DSA 2550-1 (asterisk) File : nvt/deb_2550_1.nasl |
| 2012-09-22 | Name : Fedora Update for asterisk FEDORA-2012-13338 File : nvt/gb_fedora_2012_13338_asterisk_fc17.nasl |
| 2012-09-22 | Name : Fedora Update for asterisk FEDORA-2012-13437 File : nvt/gb_fedora_2012_13437_asterisk_fc16.nasl |
| id | Description |
|---|---|
| 2012-08-30 | Name : FreeBSD Ports: asterisk File : nvt/freebsd_asterisk2.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2493-1 (asterisk) File : nvt/deb_2493_1.nasl |
| 2012-08-10 | Name : FreeBSD Ports: asterisk10 File : nvt/freebsd_asterisk10.nasl |
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-05 (Asterisk) File : nvt/glsa_201206_05.nasl |
| 2012-05-31 | Name : FreeBSD Ports: asterisk16 File : nvt/freebsd_asterisk161.nasl |
| 2009-12-30 | Name : Debian Security Advisory DSA 1952-1 (asterisk) File : nvt/deb_1952_1.nasl |
| 2009-12-14 | Name : Fedora Core 10 FEDORA-2009-12461 (asterisk) File : nvt/fcore_2009_12461.nasl |
| 2009-12-03 | Name : Fedora Core 10 FEDORA-2009-11126 (asterisk) File : nvt/fcore_2009_11126.nasl |
| 2009-09-28 | Name : Fedora Core 10 FEDORA-2009-9374 (asterisk) File : nvt/fcore_2009_9374.nasl |
| 2009-05-05 | Name : Gentoo Security Advisory GLSA 200905-01 (asterisk) File : nvt/glsa_200905_01.nasl |
| 2009-02-17 | Name : Fedora Update for asterisk FEDORA-2008-6676 File : nvt/gb_fedora_2008_6676_asterisk_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for asterisk FEDORA-2008-6853 File : nvt/gb_fedora_2008_6853_asterisk_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for asterisk FEDORA-2008-3365 File : nvt/gb_fedora_2008_3365_asterisk_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for asterisk FEDORA-2008-3390 File : nvt/gb_fedora_2008_3390_asterisk_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for asterisk FEDORA-2008-0198 File : nvt/gb_fedora_2008_0198_asterisk_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for asterisk FEDORA-2008-0199 File : nvt/gb_fedora_2008_0199_asterisk_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for asterisk FEDORA-2008-2554 File : nvt/gb_fedora_2008_2554_asterisk_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for asterisk FEDORA-2008-2620 File : nvt/gb_fedora_2008_2620_asterisk_fc7.nasl |
| 2009-02-13 | Name : Fedora Core 9 FEDORA-2009-0973 (asterisk) File : nvt/fcore_2009_0973.nasl |
| 2009-02-13 | Name : Fedora Core 10 FEDORA-2009-0984 (asterisk) File : nvt/fcore_2009_0984.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2015-03-17 | Digium Asterisk SIP channel driver denial of service attempt RuleID : 33445 - Type : PROTOCOL-VOIP - Revision : 2 |
| 2014-01-10 | Digium Asterisk Attribute header rtpmap field buffer overflow attempt RuleID : 20392 - Type : PROTOCOL-VOIP - Revision : 10 |
| 2014-01-10 | Digium Asterisk Attribute header rtpmap field buffer overflow attempt RuleID : 20391 - Type : PROTOCOL-VOIP - Revision : 10 |
| 2014-01-10 | Attribute header rtpmap field invalid payload type RuleID : 20390 - Type : PROTOCOL-VOIP - Revision : 9 |
| 2014-01-10 | Digium Asterisk IAX2 ack response denial of service attempt RuleID : 16445 - Type : PROTOCOL-VOIP - Revision : 11 |
| Date | Description |
|---|---|
| 2014-01-10 | Attribute header rtpmap field invalid payload type RuleID : 13693 - Type : PROTOCOL-VOIP - Revision : 12 |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2012-09-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201209-15.nasl - Type : ACT_GATHER_INFO |
| 2012-09-19 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2550.nasl - Type : ACT_GATHER_INFO |
| 2012-09-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13286.nasl - Type : ACT_GATHER_INFO |
| 2012-09-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13338.nasl - Type : ACT_GATHER_INFO |
| 2012-09-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-13437.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2012-09-06 | Name : A telephony application running on the remote host is affected by a security ... File : asterisk_ast_2012_012.nasl - Type : ACT_GATHER_INFO |
| 2012-08-31 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_4c53f007f2ed11e1a21514dae9ebcf89.nasl - Type : ACT_GATHER_INFO |
| 2012-06-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2493.nasl - Type : ACT_GATHER_INFO |
| 2012-06-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201206-05.nasl - Type : ACT_GATHER_INFO |
| 2012-06-14 | Name : A telephony application running on the remote host is affected by a denial of... File : asterisk_ast_2012_008.nasl - Type : ACT_GATHER_INFO |
| 2012-05-30 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_359f615da9e111e18a6614dae9ebcf89.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1952.nasl - Type : ACT_GATHER_INFO |
| 2009-05-04 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200905-01.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-0984.nasl - Type : ACT_GATHER_INFO |
| 2009-02-13 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2009-0973.nasl - Type : ACT_GATHER_INFO |
| 2008-08-15 | Name : The remote openSUSE host is missing a security update. File : suse_asterisk-5524.nasl - Type : ACT_GATHER_INFO |
| 2008-07-31 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6853.nasl - Type : ACT_GATHER_INFO |
| 2008-07-24 | Name : The remote VoIP service can be abused to conduct an amplification attack agai... File : asterisk_iax2_spoofed_fwdownl.nasl - Type : ACT_ATTACK |
| 2008-07-24 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6676.nasl - Type : ACT_GATHER_INFO |
| 2008-05-07 | Name : It is possible to bypass authentication and make calls using the remote VoIP ... File : asterisk_sip_auth_bypass.nasl - Type : ACT_ATTACK |
| 2008-05-06 | Name : The remote VoIP service can be abused to conduct an amplification attack agai... File : asterisk_iax2_spoofed_handshake.nasl - Type : ACT_ATTACK |
| 2008-05-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1563.nasl - Type : ACT_GATHER_INFO |
| 2008-05-01 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3365.nasl - Type : ACT_GATHER_INFO |
| 2008-05-01 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3390.nasl - Type : ACT_GATHER_INFO |
| 2008-04-17 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200804-13.nasl - Type : ACT_GATHER_INFO |
