Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-1184HistorySep 18, 2012 - 6:55 p.m.
CVE-2012-1184
2012-09-1818:55:04
Debian Security Bug Tracker
security-tracker.debian.org
6
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.969 High
EPSS
Percentile
99.7%
Stack-based buffer overflow in the ast_parse_digest function in main/utils.c in Asterisk 1.8.x before 1.8.10.1 and 10.x before 10.2.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string in an HTTP Digest Authentication header.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | asterisk | < 1:1.8.10.0~dfsg-1 | asterisk_1:1.8.10.0~dfsg-1_all.deb |
| Debian | 10 | all | asterisk | < 1:1.8.10.0~dfsg-1 | asterisk_1:1.8.10.0~dfsg-1_all.deb |
| Debian | 999 | all | asterisk | < 1:1.8.10.0~dfsg-1 | asterisk_1:1.8.10.0~dfsg-1_all.deb |
Related
nvd
nvd
CVE-2012-1184
2012-09-18 18:55:04
nessus
nessus
Asterisk ast_parse_digest Function HTTP Digest Authentication String Parsing Remote Overflow (AST-2012-003)
2012-03-22 00:00:00
GLSA-201203-21 : Asterisk: Multiple vulnerabilities
2012-06-21 00:00:00
Fedora 17 : asterisk-10.2.1-1.fc17 (2012-4230)
2012-04-12 00:00:00
openvas
openvas
Asterisk HTTP Manager Buffer Overflow Vulnerability
2012-04-23 00:00:00
Fedora Update for asterisk FEDORA-2012-4230
2012-08-30 00:00:00
Fedora Update for asterisk FEDORA-2012-4318
2012-04-02 00:00:00
ubuntucve
ubuntucve
CVE-2012-1184
2012-09-18 00:00:00
prion
prion
Stack overflow
2012-09-18 18:55:00
cve
cve
CVE-2012-1184
2012-09-18 18:55:04
cvelist
cvelist
CVE-2012-1184
2012-09-18 18:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: asterisk-1.8.10.1-1.fc16
2012-03-31 03:16:38
[SECURITY] Fedora 17 Update: asterisk-10.2.1-1.fc17
2012-04-12 02:04:28
[SECURITY] Fedora 15 Update: asterisk-1.8.10.1-1.fc15
2012-03-31 03:10:13
gentoo
gentoo
Asterisk: Multiple vulnerabilities
2012-03-28 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.969 High
EPSS
Percentile
99.7%
Related for DEBIANCVE:CVE-2012-1184