Lucene search
HistoryJul 18, 2007 - 5:30 p.m.
CVE-2007-3765
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.4
Confidence
High
EPSS
0.041
Percentile
92.2%
The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port.
Affected configurations
Node
asteriskasteriskMatch1.0
ORasteriskasteriskMatch1.0.6
ORasteriskasteriskMatch1.0.7
ORasteriskasteriskMatch1.0.8
ORasteriskasteriskMatch1.0.9
ORasteriskasteriskMatch1.0.10
ORasteriskasteriskMatch1.0.11
ORasteriskasteriskMatch1.0.12
ORasteriskasteriskMatch1.2.0_beta1
ORasteriskasteriskMatch1.2.0_beta2
ORasteriskasteriskMatch1.2.5
ORasteriskasteriskMatch1.2.6
ORasteriskasteriskMatch1.2.7
ORasteriskasteriskMatch1.2.8
ORasteriskasteriskMatch1.2.9
ORasteriskasteriskMatch1.2.10
ORasteriskasteriskMatch1.2.11
ORasteriskasteriskMatch1.2.12
ORasteriskasteriskMatch1.2.13
ORasteriskasteriskMatch1.2.14
ORasteriskasteriskMatch1.2.15
ORasteriskasteriskMatch1.2.16
ORasteriskasteriskMatch1.2.17
ORasteriskasteriskMatch1.4.1
ORasteriskasteriskMatch1.4.2
ORasteriskasteriskMatch1.4.4_2007-04-27
ORasteriskasteriskMatch1.4_beta
ORasteriskasteriskMatchabusiness
ORasteriskasteriskMatchb.1.3.2business
ORasteriskasteriskMatchb.1.3.3business
ORasteriskasteriskMatchb.2.2.0business
ORasteriskasterisk_appliance_developer_kitRangeβ€0.4
ORasteriskasterisknowMatchbeta_5
ORasteriskasterisknowMatchbeta_6
Node
asterisks800i_applianceMatch1.0
ORasterisks800i_applianceMatch1.0.1
Related
cve
cve
CVE-2007-3765
2007-07-18 17:30:00
ubuntucve
ubuntucve
CVE-2007-3765
2007-07-18 00:00:00
securityvulns
securityvulns
ASA-2007-017: Remote Crash Vulnerability in STUN implementation
2007-07-19 00:00:00
Asterisk VoIP server multiple security vulnerabilities
2007-07-19 00:00:00
prion
prion
Code injection
2007-07-18 17:30:00
debiancve
debiancve
CVE-2007-3765
2007-07-18 17:30:00
cvelist
cvelist
CVE-2007-3765
2007-07-18 17:00:00
seebug
seebug
Asteriskε€δΈͺθΏη¨ζη»ζε‘ζΌζ΄
2007-07-20 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.4
Confidence
High
EPSS
0.041
Percentile
92.2%
Related for NVD:CVE-2007-3765