This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:digium:asterisk:1.4.7.1
Detail
VendorDigiumFirst view 2007-07-31
ProductAsteriskLast view2018-02-21
Version1.4.7.1TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:digium:asterisk

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
52018-02-21CVE-2018-7284NetworkLowNone Requ...
52017-12-01CVE-2017-17090NetworkLowNone Requ...
92014-11-24CVE-2014-8418NetworkLowRequires ...
6.52014-11-24CVE-2014-8417NetworkLowRequires ...
52014-11-24CVE-2014-8416NetworkLowNone Requ...
Hide | Show 19 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52014-11-24CVE-2014-8415NetworkLowNone Requ...
52014-11-24CVE-2014-8414NetworkLowNone Requ...
7.52014-11-24CVE-2014-8413NetworkLowNone Requ...
52014-11-24CVE-2014-8412NetworkLowNone Requ...
4.32014-06-17CVE-2014-4048NetworkMediumNone Requ...
4.32013-01-04CVE-2012-5977NetworkMediumNone Requ...
52013-01-04CVE-2012-5976NetworkLowNone Requ...
4.32012-09-18CVE-2012-1183NetworkMediumNone Requ...
52011-12-14CVE-2011-4597NetworkLowNone Requ...
52011-07-06CVE-2011-2666NetworkLowNone Requ...
52011-07-06CVE-2011-2536NetworkLowNone Requ...
52011-07-06CVE-2011-2535NetworkLowNone Requ...
62011-01-20CVE-2011-0495NetworkMediumRequires ...
52009-12-02CVE-2009-4055NetworkLowNone Requ...
52009-11-10CVE-2009-3727NetworkLowNone Requ...
7.52007-11-29CVE-2007-6171NetworkLowNone Requ...
6.52007-11-29CVE-2007-6170NetworkLowRequires ...
6.82007-10-12CVE-2007-5358NetworkMediumNone Requ...
7.82007-07-31CVE-2007-4103NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
28% (6)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
19% (4)CWE-264Permissions, Privileges, and Access Controls
14% (3)CWE-200Information Exposure
14% (3)CWE-20Improper Input Validation
9% (2)CWE-399Resource Management Errors
Hide | Show 2 More...
%idName
9% (2)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
4% (1)CWE-16Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-147XML Ping of Death
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:12470DSA-2171-1 asterisk -- buffer overflow
oval:org.mitre.oval:def:18564DSA-2605-1 asterisk - several issues
oval:org.mitre.oval:def:28902DSA-2605-2 -- asterisk -- several issues
oval:org.mitre.oval:def:13073DSA-2276-1 asterisk -- multiple denial of service
oval:org.mitre.oval:def:12933DSA-2276-2 asterisk -- multiple denial of service
Hide | Show 2 More...
idName
oval:org.mitre.oval:def:18041DSA-1417-1 asterisk - SQL injection
oval:org.mitre.oval:def:18445DSA-2493-1 asterisk - denial of service

Open Source Vulnerability Database (OSVDB)

idDescription
77597Asterisk Request Response Port SIP Peer Enumeration
74352Asterisk SIP Channel Driver Default Configuration Invalid SIP Request Usernam...
73309Asterisk channels/chan_iax2.c iax2_setoption() Function Invalid Pointer DoS
73257Asterisk SIP Multiple Message Response Username Enumeration
70518Asterisk main/utils.c ast_uri_encode() Function Caller ID Information Overflow
Hide | Show 7 More...
idDescription
60569Asterisk rtp.c RTP Comfort Noise Payload Remote DoS
59697Asterisk SIP REGISTER Response Username Enumeration Weakness
38933Asterisk Postgres Realtime Engine SQL Injection
38932Asterisk Call Detail Record Postgres Multiple Strings SQL Injection
38202Asterisk IMAP Voicemail Backend Crafted Fields Local Overflow
38201Asterisk IMAP Voicemail Backend Crafted Content Header Remote Overflow
38197Asterisk IAX2 Channel Driver (chan_iax2) Incomplete Connection Saturation Rem...

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-08-30Name : Fedora Update for asterisk FEDORA-2012-4230
File : nvt/gb_fedora_2012_4230_asterisk_fc17.nasl
2012-08-30Name : Fedora Update for asterisk FEDORA-2012-6704
File : nvt/gb_fedora_2012_6704_asterisk_fc17.nasl
2012-08-10Name : Debian Security Advisory DSA 2493-1 (asterisk)
File : nvt/deb_2493_1.nasl
2012-05-04Name : Fedora Update for asterisk FEDORA-2012-6612
File : nvt/gb_fedora_2012_6612_asterisk_fc16.nasl
2012-04-30Name : Gentoo Security Advisory GLSA 201203-21 (Asterisk)
File : nvt/glsa_201203_21.nasl
Hide | Show 20 More...
idDescription
2012-04-30Name : Debian Security Advisory DSA 2460-1 (asterisk)
File : nvt/deb_2460_1.nasl
2012-04-02Name : Fedora Update for asterisk FEDORA-2012-4259
File : nvt/gb_fedora_2012_4259_asterisk_fc15.nasl
2012-04-02Name : Fedora Update for asterisk FEDORA-2012-4318
File : nvt/gb_fedora_2012_4318_asterisk_fc16.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201110-21 (Asterisk)
File : nvt/glsa_201110_21.nasl
2012-02-11Name : Debian Security Advisory DSA 2367-1 (asterisk)
File : nvt/deb_2367_1.nasl
2011-08-03Name : FreeBSD Ports: asterisk14
File : nvt/freebsd_asterisk142.nasl
2011-08-03Name : Debian Security Advisory DSA 2276-1 (asterisk)
File : nvt/deb_2276_1.nasl
2011-08-03Name : Debian Security Advisory DSA 2276-2 (asterisk)
File : nvt/deb_2276_2.nasl
2011-07-18Name : Fedora Update for asterisk FEDORA-2011-8914
File : nvt/gb_fedora_2011_8914_asterisk_fc14.nasl
2011-03-09Name : Debian Security Advisory DSA 2171-1 (asterisk)
File : nvt/deb_2171_1.nasl
2011-03-09Name : Gentoo Security Advisory GLSA 201006-20 (asterisk)
File : nvt/glsa_201006_20.nasl
2011-02-04Name : Fedora Update for asterisk FEDORA-2011-0774
File : nvt/gb_fedora_2011_0774_asterisk_fc14.nasl
2011-02-04Name : Fedora Update for asterisk FEDORA-2011-0794
File : nvt/gb_fedora_2011_0794_asterisk_fc13.nasl
2010-04-06Name : Fedora Update for asterisk FEDORA-2010-3381
File : nvt/gb_fedora_2010_3381_asterisk_fc12.nasl
2010-03-31Name : Fedora Update for asterisk FEDORA-2010-3724
File : nvt/gb_fedora_2010_3724_asterisk_fc11.nasl
2009-12-30Name : Fedora Core 11 FEDORA-2009-12506 (asterisk)
File : nvt/fcore_2009_12506.nasl
2009-12-30Name : Fedora Core 12 FEDORA-2009-12517 (asterisk)
File : nvt/fcore_2009_12517.nasl
2009-12-30Name : Debian Security Advisory DSA 1952-1 (asterisk)
File : nvt/deb_1952_1.nasl
2009-12-14Name : Fedora Core 10 FEDORA-2009-12461 (asterisk)
File : nvt/fcore_2009_12461.nasl
2009-12-01Name : Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
File : nvt/asterisk_37153.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2014-A-0085Multiple Vulnerabilities in Asterisk Products
Severity : Category I - VMSKEY : V0052633

Snort® IPS/IDS

DateDescription
2014-01-10Digium Asterisk oversized Content-Length memory corruption attempt
RuleID : 25276 - Type : SERVER-OTHER - Revision : 4
2014-01-10Digium Asterisk RTP comfort noise denial of service attempt
RuleID : 24270 - Type : PROTOCOL-VOIP - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2018-10-17Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4320.nasl - Type : ACT_GATHER_INFO
2018-03-02Name : A telephony application running on the remote host is affected by multiple vu...
File : asterisk_ast_2018_001-006.nasl - Type : ACT_GATHER_INFO
2018-03-02Name : A telephony application running on the remote host is affected by a Subscribe...
File : asterisk_ast_2018_002-005.nasl - Type : ACT_GATHER_INFO
2018-02-23Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_933654ce17b811e890b8001999f8d30b.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-66e9367f7e.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-01-02Name : The remote Debian host is missing a security update.
File : debian_DLA-1225.nasl - Type : ACT_GATHER_INFO
2018-01-02Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4076.nasl - Type : ACT_GATHER_INFO
2017-12-06Name : A telephony application running on the remote host is affected by a memory ex...
File : asterisk_ast_2017_013.nasl - Type : ACT_GATHER_INFO
2017-12-04Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_e91cf90cd6dd11e79d10001999f8d30b.nasl - Type : ACT_GATHER_INFO
2016-05-04Name : The remote Debian host is missing a security update.
File : debian_DLA-455.nasl - Type : ACT_GATHER_INFO
2014-12-29Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-51.nasl - Type : ACT_GATHER_INFO
2014-11-25Name : A telephony application running on the remote host is affected by multiple vu...
File : asterisk_ast_2014_012.nasl - Type : ACT_GATHER_INFO
2014-11-25Name : A telephony application running on the remote host is affected by multiple vu...
File : asterisk_ast_2014_013.nasl - Type : ACT_GATHER_INFO
2014-11-25Name : A telephony application running on the remote host is affected by a denial of...
File : asterisk_ast_2014_014.nasl - Type : ACT_GATHER_INFO
2014-11-25Name : A telephony application running on the remote host is affected by a privilege...
File : asterisk_ast_2014_017.nasl - Type : ACT_GATHER_INFO
2014-11-24Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_7bfd797c716d11e4b008001999f8d30b.nasl - Type : ACT_GATHER_INFO
2014-11-24Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_a92ed304716c11e4b008001999f8d30b.nasl - Type : ACT_GATHER_INFO
2014-06-17Name : A telephony application running on the remote host is affected by multiple de...
File : asterisk_ast_2014_008.nasl - Type : ACT_GATHER_INFO
2014-01-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-15.nasl - Type : ACT_GATHER_INFO
2013-04-20Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-140.nasl - Type : ACT_GATHER_INFO
2013-02-20Name : A telephony application running on the remote host is affected by multiple vu...
File : asterisk_ast_2012_015.nasl - Type : ACT_GATHER_INFO
2013-01-31Name : The remote Fedora host is missing a security update.
File : fedora_2013-0992.nasl - Type : ACT_GATHER_INFO
2013-01-31Name : The remote Fedora host is missing a security update.
File : fedora_2013-0994.nasl - Type : ACT_GATHER_INFO
2013-01-31Name : The remote Fedora host is missing a security update.
File : fedora_2013-1003.nasl - Type : ACT_GATHER_INFO
2013-01-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2605.nasl - Type : ACT_GATHER_INFO