Lucene search
K

120 matches found

OpenVAS
OpenVAS
added 2017/04/18 12:0 a.m.42 views

Asterisk Open Source and Certified Asterisk RTP Resource Exhaustion DoS Vulnerability

Asterisk Open Source and Certified Asterisk are prone to a remote denial of service DoS vulnerability. This VT has been deprecated since this check is already covered in SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyrigh...

7.5CVSS7.4AI score0.05468EPSS
Exploits0References2
CNVD
CNVD
added 2016/12/20 12:0 a.m.5 views

Asterisk Open Source and Certified Asterisk 'chan_sip' authentication bypass vulnerability

Digium Asterisk Open Source is an open source telephone exchange PBX system software from Digium. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR and so on. A security vulnerability exists in Digium Asterisk Open Source. An attacker could exploit th...

5.3CVSS6.8AI score0.03429EPSS
Exploits0References1
CNVD
CNVD
added 2016/11/10 12:0 a.m.3 views

Digium Asterisk Denial of Service Vulnerability

Digium Asterisk is a set of open source telephone exchange PBX system software from Digium, USA. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR and so on. A security vulnerability exists in Digium Asterisk. An attacker could exploit the vulnerabili...

7.5CVSS7.5AI score0.05468EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2016/10/26 12:0 a.m.3 views

Digium Asterisk PJSIP Stack ACK Denial of Service

A denial of service vulnerability exists in Digium Asterisk when the PJSIP stack is used. The vulnerability is due to improper processing of ACKs from an unrecognized endpoint, that causes a NULL pointer dereference. A remote unauthenticated attacker can exploit this vulnerability by sending an A...

3.9AI score
Exploits0
OpenVAS
OpenVAS
added 2016/08/08 12:0 a.m.61 views

Asterisk TLS Certificate Common Name NULL Byte Vulnerability (AST-2015-003)

Asterisk is prone to a certificate bypass vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"; if...

4.3CVSS7.4AI score0.46156EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2016/07/17 12:0 a.m.2 views

Digium Asterisk PJSIP Channel Driver REGISTER Denial of Service

A denial of service vulnerability exists in Digium Asterisk. The vulnerability is due to errors when processing incoming REGISTER requests with lengthy Contact Header URI. A remote authenticated attacker can exploit this vulnerability to cause a denial of service condition...

4.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2015/05/11 12:0 a.m.2 views

Digium Asterisk res_pjsip_pubsub Module SIP SUBSCRIBE Type Confusion Denial of Service (CVE-2014-6609)

A denial of service vulnerability exists in Asterisk Open Source. The vulnerability is due to the way SIP SUBSCRIBE requests with unexpected mixes of headers for a given event package are handled. Remote, unauthenticated attackers could exploit this vulnerability by sending malformed SIP SUBSCRIB...

4CVSS3.1AI score0.03614EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/12/28 12:0 a.m.8 views

Digium Asterisk Manager User Shell Command Execution - Ver2 (CVE-2012-2414)

A security bypass vulnerability has been reported in Digium Asterisk. The vulnerability is due to an error in the way the server validates permissions while executing shell commands from unauthorized users. A remote attacker can exploit this issue by sending specially crafted AMI requests to the...

6.5CVSS1.9AI score0.02717EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/10/29 12:0 a.m.4 views

Digium Asterisk HTTP Connections Denial of Service (CVE-2014-4047)

A denial of service vulnerability exists in Digium Asterisk. The vulnerability is due to the way HTTP sessions are being handled. A remote, unauthenticated attacker can exploit this vulnerability by establishing an excessive number of TCP connections to the configured HTTP or HTTPS port...

5CVSS1.7AI score0.0491EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/06/02 12:0 a.m.3 views

Digium Asterisk File Descriptor Invalid Headers Syntax Denial of Service (CVE-2014-2287)

A denial of service condition has been reported in Digium Asterisk. The vulnerability is due to file descriptor exhaustion from a large number of invalid SIP INVITE requests. A remote attacker can exploit this vulnerability to cause a denial of service condition...

3.1AI score0.02444EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/04/13 12:0 a.m.4 views

Digium Asterisk Cookie Stack Overflow (CVE-2014-2286)

A stack-overflow vulnerability has been reported in Digium Asterisk. The vulnerability is due to insufficient validation of Cookie: headers in HTTP requests sent to the HTTP management interface. A remote attacker can exploit this vulnerability to cause a denial-of-service condition...

4.1AI score0.16262EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/04/13 12:0 a.m.5 views

Digium Asterisk File Descriptor Denial of Service (CVE-2014-2287)

A denial of service vulnerability has been reported in Digium Asterisk. The vulnerability is due to file descriptor exhaustion from a large number of crafted SIP INVITE requests. A remote attacker can exploit this vulnerability to cause a denial of service condition...

3.5CVSS7AI score0.02444EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2013/10/27 12:0 a.m.4 views

Digium Asterisk SIP Invalid SDP Media Descriptions Denial of Service (CVE-2013-5642)

A denial of service vulnerability exists in Asterisk Open Source, Certified Asterisk and Asterisk with Digiumphones...

6.2AI score0.11653EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/10/27 12:0 a.m.3 views

Digium Asterisk SIP Terminated Channel ACK with SDP Denial of Service (CVE-2013-5641)

A denial of service vulnerability exists in Asterisk Open Source and Certified Asterisk...

6.2AI score0.04111EPSS
Exploits0
OSV
OSV
added 2013/09/09 5:55 p.m.2 views

UBUNTU-CVE-2013-5642

The SIP channel driver channels/chansip.c in Asterisk Open Source 1.8.x before 1.8.23.1, 10.x before 10.12.3, and 11.x before 11.5.1; Certified Asterisk 1.8.15 before 1.8.15-cert3 and 11.2 before 11.2-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.3-digiumphones allows remote...

5CVSS5.8AI score0.11653EPSS
Exploits0References4
Check Point Advisories
Check Point Advisories
added 2013/03/18 12:0 a.m.5 views

Digium Asterisk SIP Channel Driver Denial Of Service - High Confidence (CVE-2011-4063)

A denial of service vulnerability has been reported in Digium Asterisk. The vulnerability is due to an error in Asterisk's SIP channel driver while handling malformed REGISTER requests. A remote attacker may exploit this vulnerability by sending a specially crafted REGISTER request to an affected...

6.8CVSS6.1AI score0.0238EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/01/20 12:0 a.m.2 views

Digium Asterisk HTTP Management Interface Stack Overflow (CVE-2012-5976; CVE-2013-2686)

A stack overflow vulnerability has been reported in Digium Asterisk. The vulnerability is due to an unchecked memory allocation on the stack, which can result in a stack overflow or writing of attacker-controlled data to arbitrary memory locations. A remote attacker can use this vulnerability by...

5CVSS6.7AI score0.03032EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/01/07 12:0 a.m.9 views

Digium Asterisk IAX2 POKE Request Denial of Service (CVE-2008-3263)

A denial of service vulnerability has been reported in Digium Asterisk...

6.2AI score0.28EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2012/09/04 12:0 a.m.13 views

Digium Asterisk Manager User Shell Command Execution (CVE-2012-2414)

A security bypass vulnerability has been reported in Digium Asterisk...

6.4AI score0.02717EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2012/08/27 12:0 a.m.4 views

Digium Asterisk Skinny Channel Driver Heap Buffer Overflow (CVE-2012-2415)

A heap buffer overflow vulnerability has been reported in Digium Asterisk...

6.9AI score0.02721EPSS
Exploits0
Rows per page
Query Builder