Lucene search

[email protected]NVD:CVE-2008-3263

HistoryJul 22, 2008 - 11:41 p.m.

CVE-2008-3263

2008-07-2223:41:00

CWE-399

[email protected]

web.nvd.nist.gov

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.4 Medium

AI Score

Confidence

Low

0.966 High

EPSS

Percentile

99.6%

JSON

The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (call-number exhaustion and CPU consumption) by quickly sending a large number of IAX2 (IAX) POKE requests.

Affected configurations

NVD

Node

asteriskasteriskMatch0.1.0

asteriskasteriskMatch0.1.1

asteriskasteriskMatch0.1.2

asteriskasteriskMatch0.1.3

asteriskasteriskMatch0.1.4

asteriskasteriskMatch0.1.5

asteriskasteriskMatch0.1.6

asteriskasteriskMatch0.1.7

asteriskasteriskMatch0.1.8

asteriskasteriskMatch0.1.9

asteriskasteriskMatch0.1.9_1

asteriskasteriskMatch0.1.10

asteriskasteriskMatch0.1.11

asteriskasteriskMatch0.1.12

asteriskasteriskMatch0.2

asteriskasteriskMatch0.3

asteriskasteriskMatch0.4

asteriskasteriskMatch0.5.0

asteriskasteriskMatch0.7.0

asteriskasteriskMatch0.7.1

asteriskasteriskMatch0.7.2

asteriskasteriskMatch0.9.0

asteriskasteriskMatch1.0

asteriskasteriskMatch1.0rc1

asteriskasteriskMatch1.0.1

asteriskasteriskMatch1.0.2

asteriskasteriskMatch1.0.3

asteriskasteriskMatch1.0.4

asteriskasteriskMatch1.0.5

asteriskasteriskMatch1.0.6

asteriskasteriskMatch1.0.7

asteriskasteriskMatch1.0.8

asteriskasteriskMatch1.0.9

asteriskasteriskMatch1.0.10

asteriskasteriskMatch1.0.11

asteriskasteriskMatch1.0.11.1

asteriskasteriskMatch1.0.12

asteriskasteriskMatch1.2.0_beta1

asteriskasteriskMatch1.2.0_beta2

asteriskasteriskMatch1.2.1

asteriskasteriskMatch1.2.2

asteriskasteriskMatch1.2.3

asteriskasteriskMatch1.2.4

asteriskasteriskMatch1.2.5

asteriskasteriskMatch1.2.6

asteriskasteriskMatch1.2.7

asteriskasteriskMatch1.2.7.1

asteriskasteriskMatch1.2.8

asteriskasteriskMatch1.2.9

asteriskasteriskMatch1.2.9.1

asteriskasteriskMatch1.2.10

asteriskasteriskMatch1.2.11

asteriskasteriskMatch1.2.12

asteriskasteriskMatch1.2.13

asteriskasteriskMatch1.2.14

asteriskasteriskMatch1.2.15

asteriskasteriskMatch1.2.16

asteriskasteriskMatch1.2.17

asteriskasteriskMatch1.2.18

asteriskasteriskMatch1.2.19

asteriskasteriskMatch1.2.20

asteriskasteriskMatch1.2.21

asteriskasteriskMatch1.2.22

asteriskasteriskMatch1.2.23

asteriskasteriskMatch1.2.24

asteriskasteriskMatch1.2.25

asteriskasteriskMatch1.2.26

asteriskasteriskMatch1.2.26.1

asteriskasteriskMatch1.2.26.2

asteriskasteriskMatch1.2.27

asteriskasteriskMatch1.2.28

asteriskasteriskMatch1.2.28.1

asteriskasteriskMatch1.2.29

asteriskasteriskMatch1.2.30

asteriskasteriskMatch1.4.1

asteriskasteriskMatch1.4.2

asteriskasteriskMatch1.4.3

asteriskasteriskMatch1.4.4

asteriskasteriskMatch1.4.4_2007-04-27

asteriskasteriskMatch1.4.5

asteriskasteriskMatch1.4.6

asteriskasteriskMatch1.4.7

asteriskasteriskMatch1.4.8

asteriskasteriskMatch1.4.9

asteriskasteriskMatch1.4.10

asteriskasteriskMatch1.4.11

asteriskasteriskMatch1.4.12

asteriskasteriskMatch1.4.13

asteriskasteriskMatch1.4.14

asteriskasteriskMatch1.4.15

asteriskasteriskMatch1.4.16

asteriskasteriskMatch1.4.16.1

asteriskasteriskMatch1.4.16.2

asteriskasteriskMatch1.4.17

asteriskasteriskMatch1.4.18

asteriskasteriskMatch1.4.18.1

asteriskasteriskMatch1.4.19

asteriskasteriskMatch1.4_beta

asteriskasteriskMatch1.4_revision_95946

asteriskasteriskMatch1.6

asteriskasteriskMatcha

asteriskasteriskMatchabusiness

asteriskasteriskMatchb.1.3.2

asteriskasteriskMatchb.1.3.2business

asteriskasteriskMatchb.1.3.3

asteriskasteriskMatchb.1.3.3business

asteriskasteriskMatchb.2.2.0

asteriskasteriskMatchb.2.2.0business

References

downloads.digium.com/pub/security/AST-2008-010.html

downloads.securityfocus.com/vulnerabilities/exploits/30321.pl

secunia.com/advisories/31178

secunia.com/advisories/31194

secunia.com/advisories/34982

security.gentoo.org/glsa/glsa-200905-01.xml

www.securityfocus.com/archive/1/494675/100/0/threaded

www.securityfocus.com/bid/30321

www.securitytracker.com/id?1020535

www.vupen.com/english/advisories/2008/2168/references

exchange.xforce.ibmcloud.com/vulnerabilities/43942

www.redhat.com/archives/fedora-package-announce/2008-July/msg00839.html

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.4 Medium

AI Score

Confidence

Low

0.966 High

EPSS

Percentile

99.6%

JSON

Related for NVD:CVE-2008-3263

cve2 nessus5 ubuntucve2 cvelist2 checkpoint_advisories1 debiancve2 securityvulns2 prion2 fedora2 openvas6 nvd1 gentoo1