Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2008-1390 | First vendor Publication | 2008-03-24 |
Vendor | Cve | Last vendor Modification | 2018-10-11 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values, which makes it easier for remote attackers to hijack a manager session via a series of ID guesses. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1390 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-255 | Credentials Management |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-02-16 | Name : Fedora Update for asterisk FEDORA-2008-2554 File : nvt/gb_fedora_2008_2554_asterisk_fc8.nasl |
2009-02-16 | Name : Fedora Update for asterisk FEDORA-2008-2620 File : nvt/gb_fedora_2008_2620_asterisk_fc7.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
43413 | Asterisk HTTP Manager ID Prediction Weakness |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-03-26 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2554.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2620.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:07:18 |
|
2021-04-22 01:07:43 |
|
2020-05-23 00:21:28 |
|
2018-10-12 00:20:17 |
|
2017-08-08 09:23:57 |
|
2016-04-26 17:14:24 |
|
2014-02-17 10:44:19 |
|
2013-05-11 00:12:58 |
|