This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:digium:asterisk:1.4.40.1
Detail
VendorDigiumFirst view 2011-07-06
ProductAsteriskLast view2018-02-21
Version1.4.40.1TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:digium:asterisk

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
52018-02-21CVE-2018-7284NetworkLowNone Requ...
52017-12-01CVE-2017-17090NetworkLowNone Requ...
52014-11-24CVE-2014-8414NetworkLowNone Requ...
4.32014-06-17CVE-2014-4048NetworkMediumNone Requ...
4.32013-01-04CVE-2012-5977NetworkMediumNone Requ...
Hide | Show 6 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52013-01-04CVE-2012-5976NetworkLowNone Requ...
4.32012-09-18CVE-2012-1183NetworkMediumNone Requ...
52011-12-14CVE-2011-4597NetworkLowNone Requ...
52011-07-06CVE-2011-2666NetworkLowNone Requ...
52011-07-06CVE-2011-2536NetworkLowNone Requ...
52011-07-06CVE-2011-2535NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
40% (4)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
20% (2)CWE-200Information Exposure
10% (1)CWE-459Incomplete Cleanup
10% (1)CWE-399Resource Management Errors
10% (1)CWE-20Improper Input Validation
Hide | Show 1 More...
%idName
10% (1)CWE-16Configuration

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:18564DSA-2605-1 asterisk - several issues
oval:org.mitre.oval:def:28902DSA-2605-2 -- asterisk -- several issues
oval:org.mitre.oval:def:13073DSA-2276-1 asterisk -- multiple denial of service
oval:org.mitre.oval:def:12933DSA-2276-2 asterisk -- multiple denial of service
oval:org.mitre.oval:def:18445DSA-2493-1 asterisk - denial of service

Open Source Vulnerability Database (OSVDB)

idDescription
77597Asterisk Request Response Port SIP Peer Enumeration
74352Asterisk SIP Channel Driver Default Configuration Invalid SIP Request Usernam...
73309Asterisk channels/chan_iax2.c iax2_setoption() Function Invalid Pointer DoS
73257Asterisk SIP Multiple Message Response Username Enumeration

OpenVAS Exploits

idDescription
2012-08-30Name : Fedora Update for asterisk FEDORA-2012-4230
File : nvt/gb_fedora_2012_4230_asterisk_fc17.nasl
2012-08-30Name : Fedora Update for asterisk FEDORA-2012-6704
File : nvt/gb_fedora_2012_6704_asterisk_fc17.nasl
2012-08-10Name : Debian Security Advisory DSA 2493-1 (asterisk)
File : nvt/deb_2493_1.nasl
2012-05-04Name : Fedora Update for asterisk FEDORA-2012-6612
File : nvt/gb_fedora_2012_6612_asterisk_fc16.nasl
2012-04-30Name : Gentoo Security Advisory GLSA 201203-21 (Asterisk)
File : nvt/glsa_201203_21.nasl
Hide | Show 10 More...
idDescription
2012-04-30Name : Debian Security Advisory DSA 2460-1 (asterisk)
File : nvt/deb_2460_1.nasl
2012-04-02Name : Fedora Update for asterisk FEDORA-2012-4259
File : nvt/gb_fedora_2012_4259_asterisk_fc15.nasl
2012-04-02Name : Fedora Update for asterisk FEDORA-2012-4318
File : nvt/gb_fedora_2012_4318_asterisk_fc16.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201110-21 (Asterisk)
File : nvt/glsa_201110_21.nasl
2012-02-11Name : Debian Security Advisory DSA 2367-1 (asterisk)
File : nvt/deb_2367_1.nasl
2011-08-03Name : FreeBSD Ports: asterisk14
File : nvt/freebsd_asterisk142.nasl
2011-08-03Name : Debian Security Advisory DSA 2276-1 (asterisk)
File : nvt/deb_2276_1.nasl
2011-08-03Name : Debian Security Advisory DSA 2276-2 (asterisk)
File : nvt/deb_2276_2.nasl
2011-07-18Name : Fedora Update for asterisk FEDORA-2011-8914
File : nvt/gb_fedora_2011_8914_asterisk_fc14.nasl
0000-00-00Name : FreeBSD Ports: asterisk18
File : nvt/freebsd_asterisk180.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2014-A-0085Multiple Vulnerabilities in Asterisk Products
Severity : Category I - VMSKEY : V0052633

Snort® IPS/IDS

DateDescription
2019-09-19Digium Asterisk multiple malformed Accept headers denial of service attempt
RuleID : 51087 - Type : PROTOCOL-VOIP - Revision : 1
2019-09-19Digium Asterisk multiple malformed Accept headers denial of service attempt
RuleID : 51086 - Type : PROTOCOL-VOIP - Revision : 1
2014-01-10Digium Asterisk oversized Content-Length memory corruption attempt
RuleID : 25276 - Type : SERVER-OTHER - Revision : 4

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2018-10-17Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4320.nasl - Type : ACT_GATHER_INFO
2018-03-02Name : A telephony application running on the remote host is affected by multiple vu...
File : asterisk_ast_2018_001-006.nasl - Type : ACT_GATHER_INFO
2018-03-02Name : A telephony application running on the remote host is affected by a Subscribe...
File : asterisk_ast_2018_002-005.nasl - Type : ACT_GATHER_INFO
2018-02-23Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_933654ce17b811e890b8001999f8d30b.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-66e9367f7e.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-01-02Name : The remote Debian host is missing a security update.
File : debian_DLA-1225.nasl - Type : ACT_GATHER_INFO
2018-01-02Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4076.nasl - Type : ACT_GATHER_INFO
2017-12-06Name : A telephony application running on the remote host is affected by a memory ex...
File : asterisk_ast_2017_013.nasl - Type : ACT_GATHER_INFO
2017-12-04Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_e91cf90cd6dd11e79d10001999f8d30b.nasl - Type : ACT_GATHER_INFO
2014-12-29Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-51.nasl - Type : ACT_GATHER_INFO
2014-11-25Name : A telephony application running on the remote host is affected by a denial of...
File : asterisk_ast_2014_014.nasl - Type : ACT_GATHER_INFO
2014-11-24Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_7bfd797c716d11e4b008001999f8d30b.nasl - Type : ACT_GATHER_INFO
2014-06-17Name : A telephony application running on the remote host is affected by multiple de...
File : asterisk_ast_2014_008.nasl - Type : ACT_GATHER_INFO
2014-01-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-15.nasl - Type : ACT_GATHER_INFO
2013-04-20Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-140.nasl - Type : ACT_GATHER_INFO
2013-02-20Name : A telephony application running on the remote host is affected by multiple vu...
File : asterisk_ast_2012_015.nasl - Type : ACT_GATHER_INFO
2013-01-31Name : The remote Fedora host is missing a security update.
File : fedora_2013-0992.nasl - Type : ACT_GATHER_INFO
2013-01-31Name : The remote Fedora host is missing a security update.
File : fedora_2013-0994.nasl - Type : ACT_GATHER_INFO
2013-01-31Name : The remote Fedora host is missing a security update.
File : fedora_2013-1003.nasl - Type : ACT_GATHER_INFO
2013-01-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2605.nasl - Type : ACT_GATHER_INFO
2013-01-04Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_f7c87a8a55d511e2a255c8600054b392.nasl - Type : ACT_GATHER_INFO
2012-06-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2493.nasl - Type : ACT_GATHER_INFO
2012-06-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201203-21.nasl - Type : ACT_GATHER_INFO
2012-05-07Name : The remote Fedora host is missing a security update.
File : fedora_2012-6704.nasl - Type : ACT_GATHER_INFO
2012-05-04Name : The remote Fedora host is missing a security update.
File : fedora_2012-6612.nasl - Type : ACT_GATHER_INFO