Lucene search
+L

1446 matches found

Tenable Nessus
Tenable Nessus
added 2006/12/11 12:0 a.m.22 views

Debian DSA-1229-1 : asterisk - integer overflow

Adam Boileau discovered an integer overflow in the Skinny channel driver in Asterisk, an Open Source Private Branch Exchange or telephone system, as used by Cisco SCCP phones, which allows remote attackers to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

7.5CVSS5.9AI score0.84962EPSS
Exploits1References2
OSV
OSV
added 2006/12/06 12:0 a.m.20 views

DSA-1229-1 asterisk

Bulletin has no description...

7.5CVSS6.3AI score0.84962EPSS
Exploits1
NVD
NVD
added 2006/10/23 5:7 p.m.19 views

CVE-2006-5444

Integer overflow in the getinput function in the Skinny channel driver chanskinny.c in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads t...

7.5CVSS7.8AI score0.84962EPSS
Exploits1References19
UbuntuCve
UbuntuCve
added 2006/10/23 5:7 p.m.22 views

CVE-2006-5444

Integer overflow in the getinput function in the Skinny channel driver chanskinny.c in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads t...

7.5CVSS6.3AI score0.84962EPSS
Exploits1References1
OSV
OSV
added 2006/10/23 5:7 p.m.3 views

DEBIAN-CVE-2006-5444

Integer overflow in the getinput function in the Skinny channel driver chanskinny.c in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads t...

7.5CVSS8AI score0.84962EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2006/10/23 5:0 p.m.35 views

CVE-2006-5444

Integer overflow in the getinput function in the Skinny channel driver chanskinny.c in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads t...

7.5CVSS7.6AI score0.84962EPSS
Exploits1
CVE
CVE
added 2006/10/23 5:0 p.m.102 views

CVE-2006-5444

CVE-2006-5444 involves an integer overflow in Asterisk’s Skinny channel driver (chan_skinny.c). Affected are Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, used by Cisco SCCP phones. An attacker can trigger a heap-based buffer overflow via a crafted dlen value, potentially leading to remot...

7.5CVSS7.7AI score0.84962EPSS
Exploits1References19Affected Software1
Cvelist
Cvelist
added 2006/10/23 5:0 p.m.27 views

CVE-2006-5444

Integer overflow in the getinput function in the Skinny channel driver chanskinny.c in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads t...

7.7AI score0.84962EPSS
Exploits1References19
securityvulns
securityvulns
added 2006/10/19 12:0 a.m.45 views

Security-Assessment.com Advisory: Asterisk remote heap overflow

======================================================================== = Asterisk - chanskinny Remote Unauthenticated Heap Overflow = = Vendor Website: = http://www.asterisk.org = = Affected Version: = All 1.2-branch releases prior to and including 1.2.12.1 = All 1.0-branch releases prior to an...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/10/19 12:0 a.m.45 views

Skinny Server Detection

The remote server is an H.323 proxy that understands the Skinny protocol, also known as SCCP, for 'Skinny Client Control Protocol'. Skinny is Cisco's proprietary lightweight terminal control protocol used by some VoIP phones to communicate with Cisco CallManager or Asterisk PBX systems. C Tenable...

5.5AI score
Exploits0References1
FreeBSD
FreeBSD
added 2006/10/17 12:0 a.m.10 views

asterisk -- remote heap overwrite vulnerability

Adam Boileau of Security-Assessment.com reports: The Asterisk Skinny channel driver for Cisco SCCP phones chanskinny.so incorrectly validates a length value in the packet header. An integer wrap-around leads to heap overwrite, and arbitrary remote code execution as root...

2.3AI score
Exploits0References2
securityvulns
securityvulns
added 2006/10/05 12:0 a.m.63 views

Multiple VoIP phones vulnerabilities

Buffer overflows in integrated HTTP server. Buffer overflow on large UDP datagrams...

1.4AI score
Exploits0References3
securityvulns
securityvulns
added 2006/09/29 12:0 a.m.48 views

FiWin SS28S Wi-Fi phones backdoor account

Phone has debug console with telnet access and hardcoded account 1 with password 1...

1.3AI score
Exploits0References1
Cvelist
Cvelist
added 2006/05/02 6:0 p.m.28 views

CVE-2005-4794

Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager SESM allows remote attackers to cause a denial of service crash or instability via a compressed DNS packet with a label length byte with an incorrect offset...

6.7AI score0.02387EPSS
Exploits0References12
CVE
CVE
added 2006/05/02 6:0 p.m.60 views

CVE-2005-4794

The CVE-2005-4794 issue affects Cisco devices listed in the Initial document: IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM). The vulnerability is a denial of service caused by processing a compressed DNS packet containing a label length by...

5CVSS7AI score0.02387EPSS
Exploits0References12Affected Software7
Prion
Prion
added 2006/03/23 11:6 p.m.10 views

Design/Logic Flaw

The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Motorola E398 and other Motorola P2K-based phones does not require pairing for a connection related to the Headset Audio Gateway service, which allows user-assisted remote attackers to obtain AT level access and view phonebook...

6.8CVSS7.1AI score0.02631EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2006/03/23 11:0 p.m.25 views

CVE-2006-1366

Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other Motorola P2K-based phones, allows remote attackers to cause a denial of service device shutdown, and possibly execute arbitrary code, via a long OBEX setpath to the OBEX File Transfer aka FTP service on Bluetooth channel 9...

7.7AI score0.04883EPSS
Exploits1References7
securityvulns
securityvulns
added 2006/03/22 12:0 a.m.43 views

Motorola cellular phones multiple bluetooth vulnerabilities

Security dialog spoofing, buffer overflow...

3.8AI score
Exploits0References1
Packet Storm
Packet Storm
added 2006/02/25 12:0 a.m.47 views

155022006-nokia_n70.txt

Software affected Bluetooth Stack on Nokia cell phones Version Nokia N70 and maybe other models Impact Remote Denial of Service, cellular phones begin to be slower and then freeze after a short period within 30 seconds. Credits Pierre Betouin - [email protected] - Bug found with BSS new...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/02/07 12:0 a.m.32 views

[ Secuobs - Advisory ] Bluetooth : DoS on Sony/Ericsson cell phones

Software affected Bluetooth Stack on Sony/Ericsson cell phones Version Sony/Ericsson K600i, V600i, W800i, T68i and certainly other models Impact Bluetooth Stack Denial of Service may be more - may be a rootkit : - Phone DoS reboot or shutdown - White screen bug freeze sleeping Credits Pierre...

7AI score
Exploits0
Rows per page
Query Builder