Summary
Detail | |||
---|---|---|---|
Vendor | Digium | First view | 2007-07-31 |
Product | Asterisk Appliance Developer Kit | Last view | 2007-07-31 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:digium:asterisk_appliance_developer_kit:0.5.0:*:*:*:*:*:*:* | 1 |
cpe:2.3:a:digium:asterisk_appliance_developer_kit:*:*:*:*:*:*:*:* | 1 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.5 | 2007-07-31 | CVE-2007-4103 | The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0.6.0, when configured to allow unauthenticated calls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of calls that do not complete a 3-way handshake, which causes an ast_channel to be allocated but not released. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-772 | Missing Release of Resource after Effective Lifetime |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-2 | Inducing Account Lockout |
CAPEC-82 | Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi... |
CAPEC-147 | XML Ping of Death |
CAPEC-228 | Resource Depletion through DTD Injection in a SOAP Message |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
38197 | Asterisk IAX2 Channel Driver (chan_iax2) Incomplete Connection Saturation Rem... |
OpenVAS Exploits
id | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200802-11 (asterisk) File : nvt/glsa_200802_11.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2008-02-27 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200802-11.nasl - Type: ACT_GATHER_INFO |