This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:digium:asterisk:1.6.2.17:rc2
Detail
VendorDigiumFirst view 2011-03-31
ProductAsteriskLast view2018-02-21
Version1.6.2.17TypeApplication
Edition 
Language 
Updaterc2 
 
CPE Productcpe:/a:digium:asterisk

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
52018-02-21CVE-2018-7284NetworkLowNone Requ...
52017-12-01CVE-2017-17090NetworkLowNone Requ...
52014-11-24CVE-2014-8414NetworkLowNone Requ...
4.32014-06-17CVE-2014-4048NetworkMediumNone Requ...
4.32013-01-04CVE-2012-5977NetworkMediumNone Requ...
Hide | Show 12 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52013-01-04CVE-2012-5976NetworkLowNone Requ...
4.32012-09-18CVE-2012-1183NetworkMediumNone Requ...
4.32011-12-14CVE-2011-4598NetworkMediumNone Requ...
52011-12-14CVE-2011-4597NetworkLowNone Requ...
52011-07-06CVE-2011-2666NetworkLowNone Requ...
52011-07-06CVE-2011-2536NetworkLowNone Requ...
52011-07-06CVE-2011-2535NetworkLowNone Requ...
52011-07-06CVE-2011-2529NetworkLowNone Requ...
92011-04-26CVE-2011-1599NetworkLowRequires ...
52011-04-26CVE-2011-1507NetworkLowNone Requ...
52011-03-31CVE-2011-1175NetworkLowNone Requ...
52011-03-31CVE-2011-1174NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
33% (5)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
20% (3)CWE-399Resource Management Errors
20% (3)CWE-200Information Exposure
13% (2)CWE-20Improper Input Validation
6% (1)CWE-459Incomplete Cleanup
Hide | Show 1 More...
%idName
6% (1)CWE-16Configuration

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:12914DSA-2225-1 asterisk -- several
oval:org.mitre.oval:def:18564DSA-2605-1 asterisk - several issues
oval:org.mitre.oval:def:28902DSA-2605-2 -- asterisk -- several issues
oval:org.mitre.oval:def:13073DSA-2276-1 asterisk -- multiple denial of service
oval:org.mitre.oval:def:12933DSA-2276-2 asterisk -- multiple denial of service
Hide | Show 2 More...
idName
oval:org.mitre.oval:def:15029DSA-2367-1 asterisk -- several
oval:org.mitre.oval:def:18445DSA-2493-1 asterisk - denial of service

Open Source Vulnerability Database (OSVDB)

idDescription
77598Asterisk channels/chan_sip.c handle_request_info() Function SIP Packet Parsin...
77597Asterisk Request Response Port SIP Peer Enumeration
74352Asterisk SIP Channel Driver Default Configuration Invalid SIP Request Usernam...
73434Asterisk Multiple Products Manager Interface manager.c Originate Action Remot...
73433Asterisk Multiple Products Unauthenticated Session Connection Saturation Remo...
Hide | Show 5 More...
idDescription
73406Asterisk tcptls.c TLS API TCP Session Saturation NULL Dereference Remote DoS
73405Asterisk manager.c Manager Session Invalid Data Saturation Remote DoS
73309Asterisk channels/chan_iax2.c iax2_setoption() Function Invalid Pointer DoS
73307Asterisk channels/chan_sip.c sipsock_read() Function NULL Byte Memory Corrupt...
73257Asterisk SIP Multiple Message Response Username Enumeration

OpenVAS Exploits

idDescription
2012-08-30Name : Fedora Update for asterisk FEDORA-2012-4230
File : nvt/gb_fedora_2012_4230_asterisk_fc17.nasl
2012-08-30Name : Fedora Update for asterisk FEDORA-2012-6704
File : nvt/gb_fedora_2012_6704_asterisk_fc17.nasl
2012-08-10Name : Debian Security Advisory DSA 2493-1 (asterisk)
File : nvt/deb_2493_1.nasl
2012-05-04Name : Fedora Update for asterisk FEDORA-2012-6612
File : nvt/gb_fedora_2012_6612_asterisk_fc16.nasl
2012-04-30Name : Gentoo Security Advisory GLSA 201203-21 (Asterisk)
File : nvt/glsa_201203_21.nasl
Hide | Show 16 More...
idDescription
2012-04-30Name : Debian Security Advisory DSA 2460-1 (asterisk)
File : nvt/deb_2460_1.nasl
2012-04-02Name : Fedora Update for asterisk FEDORA-2012-4259
File : nvt/gb_fedora_2012_4259_asterisk_fc15.nasl
2012-04-02Name : Fedora Update for asterisk FEDORA-2012-4318
File : nvt/gb_fedora_2012_4318_asterisk_fc16.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201110-21 (Asterisk)
File : nvt/glsa_201110_21.nasl
2012-02-11Name : Debian Security Advisory DSA 2367-1 (asterisk)
File : nvt/deb_2367_1.nasl
2011-08-03Name : FreeBSD Ports: asterisk14
File : nvt/freebsd_asterisk142.nasl
2011-08-03Name : Debian Security Advisory DSA 2276-1 (asterisk)
File : nvt/deb_2276_1.nasl
2011-08-03Name : Debian Security Advisory DSA 2276-2 (asterisk)
File : nvt/deb_2276_2.nasl
2011-07-18Name : Fedora Update for asterisk FEDORA-2011-8914
File : nvt/gb_fedora_2011_8914_asterisk_fc14.nasl
2011-05-17Name : Fedora Update for asterisk FEDORA-2011-6225
File : nvt/gb_fedora_2011_6225_asterisk_fc14.nasl
2011-05-12Name : FreeBSD Ports: asterisk14
File : nvt/freebsd_asterisk141.nasl
2011-05-12Name : Debian Security Advisory DSA 2225-1 (asterisk)
File : nvt/deb_2225_1.nasl
2011-05-10Name : Fedora Update for asterisk FEDORA-2011-6208
File : nvt/gb_fedora_2011_6208_asterisk_fc13.nasl
2011-04-01Name : Fedora Update for asterisk FEDORA-2011-3942
File : nvt/gb_fedora_2011_3942_asterisk_fc14.nasl
2011-04-01Name : Fedora Update for asterisk FEDORA-2011-3945
File : nvt/gb_fedora_2011_3945_asterisk_fc13.nasl
0000-00-00Name : FreeBSD Ports: asterisk18
File : nvt/freebsd_asterisk180.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2014-A-0085Multiple Vulnerabilities in Asterisk Products
Severity : Category I - VMSKEY : V0052633

Snort® IPS/IDS

DateDescription
2019-09-19Digium Asterisk multiple malformed Accept headers denial of service attempt
RuleID : 51087 - Type : PROTOCOL-VOIP - Revision : 1
2019-09-19Digium Asterisk multiple malformed Accept headers denial of service attempt
RuleID : 51086 - Type : PROTOCOL-VOIP - Revision : 1
2014-01-10Digium Asterisk oversized Content-Length memory corruption attempt
RuleID : 25276 - Type : SERVER-OTHER - Revision : 4

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2018-10-17Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4320.nasl - Type : ACT_GATHER_INFO
2018-03-02Name : A telephony application running on the remote host is affected by multiple vu...
File : asterisk_ast_2018_001-006.nasl - Type : ACT_GATHER_INFO
2018-03-02Name : A telephony application running on the remote host is affected by a Subscribe...
File : asterisk_ast_2018_002-005.nasl - Type : ACT_GATHER_INFO
2018-02-23Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_933654ce17b811e890b8001999f8d30b.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-66e9367f7e.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-01-02Name : The remote Debian host is missing a security update.
File : debian_DLA-1225.nasl - Type : ACT_GATHER_INFO
2018-01-02Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4076.nasl - Type : ACT_GATHER_INFO
2017-12-06Name : A telephony application running on the remote host is affected by a memory ex...
File : asterisk_ast_2017_013.nasl - Type : ACT_GATHER_INFO
2017-12-04Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_e91cf90cd6dd11e79d10001999f8d30b.nasl - Type : ACT_GATHER_INFO
2014-12-29Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-51.nasl - Type : ACT_GATHER_INFO
2014-11-25Name : A telephony application running on the remote host is affected by a denial of...
File : asterisk_ast_2014_014.nasl - Type : ACT_GATHER_INFO
2014-11-24Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_7bfd797c716d11e4b008001999f8d30b.nasl - Type : ACT_GATHER_INFO
2014-06-17Name : A telephony application running on the remote host is affected by multiple de...
File : asterisk_ast_2014_008.nasl - Type : ACT_GATHER_INFO
2014-01-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-15.nasl - Type : ACT_GATHER_INFO
2013-04-20Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-140.nasl - Type : ACT_GATHER_INFO
2013-02-20Name : A telephony application running on the remote host is affected by multiple vu...
File : asterisk_ast_2012_015.nasl - Type : ACT_GATHER_INFO
2013-01-31Name : The remote Fedora host is missing a security update.
File : fedora_2013-0992.nasl - Type : ACT_GATHER_INFO
2013-01-31Name : The remote Fedora host is missing a security update.
File : fedora_2013-0994.nasl - Type : ACT_GATHER_INFO
2013-01-31Name : The remote Fedora host is missing a security update.
File : fedora_2013-1003.nasl - Type : ACT_GATHER_INFO
2013-01-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2605.nasl - Type : ACT_GATHER_INFO
2013-01-04Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_f7c87a8a55d511e2a255c8600054b392.nasl - Type : ACT_GATHER_INFO
2012-06-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2493.nasl - Type : ACT_GATHER_INFO
2012-06-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201203-21.nasl - Type : ACT_GATHER_INFO
2012-05-07Name : The remote Fedora host is missing a security update.
File : fedora_2012-6704.nasl - Type : ACT_GATHER_INFO
2012-05-04Name : The remote Fedora host is missing a security update.
File : fedora_2012-6612.nasl - Type : ACT_GATHER_INFO