Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-2294HistoryApr 26, 2007 - 8:19 p.m.
CVE-2007-2294
2007-04-2620:19:00
Debian Security Bug Tracker
security-tracker.debian.org
5
0.133 Low
EPSS
Percentile
95.6%
The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (crash) by using MD5 authentication to authenticate a user that does not have a password defined in manager.conf, resulting in a NULL pointer dereference.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | asterisk | < 1:1.4.3~dfsg-1 | asterisk_1:1.4.3~dfsg-1_all.deb |
| Debian | 10 | all | asterisk | < 1:1.4.3~dfsg-1 | asterisk_1:1.4.3~dfsg-1_all.deb |
| Debian | 999 | all | asterisk | < 1:1.4.3~dfsg-1 | asterisk_1:1.4.3~dfsg-1_all.deb |
Related
cvelist
cvelist
CVE-2007-2294
2007-04-26 20:00:00
ubuntucve
ubuntucve
CVE-2007-2294
2007-04-26 00:00:00
prion
prion
Null pointer dereference
2007-04-26 20:19:00
cve
cve
CVE-2007-2294
2007-04-26 20:19:00
suse
suse
remote denial of service in asterisk
2007-06-06 17:11:13
openvas
openvas
SuSE Update for asterisk SUSE-SA:2007:034
2009-01-28 00:00:00
Debian: Security Advisory (DSA-1358-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1358-1 (asterisk)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 1358-1] New asterisk packages fix several vulnerabilities
2007-08-26 00:00:00
osv
osv
asterisk
2007-08-26 00:00:00
nessus
nessus
Debian DSA-1358-1 : asterisk - several vulnerabilities
2007-08-28 00:00:00