Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-2286
HistoryApr 18, 2014 - 10:14 p.m.

CVE-2014-2286

2014-04-1822:14:00
CWE-20
[email protected]
web.nvd.nist.gov
42
cve-2014-2286
asterisk
open source
certified asterisk
denial of service
stack consumption
remote attack
arbitrary code execution
http header
nvd

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.599 Medium

EPSS

Percentile

97.7%

JSON

main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.x before 1.8.15-cert5 and 11.6 before 11.6-cert2, allows remote attackers to cause a denial of service (stack consumption) and possibly execute arbitrary code via an HTTP request with a large number of Cookie headers.

Related

ubuntucve 1
debiancve 1
checkpoint_advisories 1
securityvulns 2
nessus 7
prion 1
seebug 1
openvas 8
fedora 2
mageia 2
freebsd 1
gentoo 1
osv 1
debian 1
ubuntucve
ubuntucve
CVE-2014-2286
2014-04-18 00:00:00
debiancve
debiancve
CVE-2014-2286
2014-04-18 22:14:00
checkpoint_advisories
checkpoint_advisories
Digium Asterisk Cookie Stack Overflow (CVE-2014-2286)
2014-04-13 00:00:00
securityvulns
securityvulns
AST-2014-001: Stack Overflow in HTTP Processing of Cookie Headers.
2014-03-13 00:00:00
Asterisk multiple security vulnerabilities
2014-03-13 00:00:00
nessus
nessus
Asterisk main/http.c DoS (AST-2014-001)
2014-03-14 00:00:00
Mandriva Linux Security Advisory : asterisk (MDVSA-2014:078)
2014-04-17 00:00:00
FreeBSD : asterisk -- multiple vulnerabilities (03159886-a8a3-11e3-8f36-0025905a4771)
2014-03-12 00:00:00
prion
prion
Code injection
2014-04-18 22:14:00
seebug
seebug
Asterisk特制HTTP Cookie处理拒绝服务漏洞
2014-03-13 00:00:00
openvas
openvas
Fedora Update for asterisk FEDORA-2014-3762
2014-03-25 00:00:00
Mageia: Security Advisory (MGASA-2014-0172)
2022-01-28 00:00:00
Fedora Update for asterisk FEDORA-2014-3779
2014-03-25 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: asterisk-11.8.1-1.fc19
2014-03-21 09:29:33
[SECURITY] Fedora 20 Update: asterisk-11.8.1-1.fc20
2014-03-21 09:36:05
mageia
mageia
Updated asterisk packages fix security vulnerabilities
2014-04-15 22:22:45
Updated asterisk packages fix security vulnerabilities
2014-04-15 22:22:45
freebsd
freebsd
asterisk -- multiple vulnerabilities
2014-03-10 00:00:00
gentoo
gentoo
Asterisk: Denial of service
2014-05-03 00:00:00
osv
osv
asterisk - security update
2016-05-03 00:00:00
debian
debian
[SECURITY] [DLA 455-1] asterisk security update
2016-05-03 20:31:18

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.599 Medium

EPSS

Percentile

97.7%

JSON
Related for CVE-2014-2286
ubuntucve1debiancve1checkpoint_advisories1securityvulns2nessus7prion1seebug1openvas8fedora2mageia2freebsd1gentoo1osv1debian1