CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

SUSE CVE•added 2023/02/15 6:11 a.m.•2 views

SUSE CVE-2007-3765

The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a crafted STUN length attribute in a STUN packet sent on an RTP port...

5CVSS6.7AI score0.00859EPSS

Exploits1References3

Positive Technologies•added 2008/07/22 12:0 a.m.•3 views

PT-2008-4679 · Sony Ericsson +1 · S800I +4

Name of the Vulnerable Software and Affected Versions: Asterisk Open Source versions 1.0.x through 1.2.x before 1.2.30 Asterisk Open Source versions 1.4.x before 1.4.21.2 Asterisk Business Edition A.x.x Asterisk Business Edition B.x.x before B.2.5.4 Asterisk Business Edition C.x.x before C.1.10.3...

7.8CVSS6.8AI score0.36096EPSS

Exploits1References18

Positive Technologies•added 2008/04/23 12:0 a.m.•3 views

PT-2008-3425 · Digium +1 · Appliance Developer Kit +4

Name of the Vulnerable Software and Affected Versions: Asterisk Open Source versions 1.0.x through 1.2.27 and versions 1.4.x through 1.4.18 Asterisk Business Edition versions A.x.x through B.2.5.1 and versions C.x.x through C.1.8.0 AsteriskNOW versions prior to 1.0.3 Appliance Developer Kit...

4.3CVSS6.3AI score0.03049EPSS

Exploits1References31

UbuntuCve•added 2008/03/24 5:44 p.m.•18 views

CVE-2008-1390

The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values...

9.3CVSS5.9AI score0.03015EPSS

Exploits1References2

UbuntuCve•added 2007/07/31 10:17 a.m.•22 views

CVE-2007-4103

The IAX2 channel driver chaniax2 in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0.6.0, when configured to allow unauthenticated calls, allows remote attackers to cause a denial of service resource exhaustion via a flood of calls that do not...

7.8CVSS7.1AI score0.02623EPSS

Exploits0References1

seebug.org•added 2007/07/22 12:0 a.m.•32 views

Asterisk IAX2隧道驱动IAX2_Write函数远程栈溢出漏洞

BUGTRAQ ID: 24949 CVECAN ID: CVE-2007-3762 Asterisk是开放源码的软件PBX，支持各种VoIP协议和设备。 Asterisk IAX2隧道驱动（chaniax2）中存在栈溢出漏洞，远程攻击者可能利用此漏洞控制服务器。如果向chaniax2传送了数据负载大于4 kB的RTP帧的话，就可能触发这个漏洞。如果要触发这个漏洞，调用iax2write的帧应满足以下条件：语音或视频帧 4字节的时间戳与之前所发送帧高2字节相同格式为预期格式数据负载大于4kB...

9.3CVSS1AI score0.10199EPSS

Exploits1

CVE•added 2007/07/18 5:0 p.m.•56 views

CVE-2007-3765

The CVE-2007-3765 entry corresponds to a remote crash vulnerability in Asterisk’s STUN implementation. Affected are Asterisk Open Source 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2. The flaw arises when parsing inbound STUN attributes...

5CVSS6.4AI score0.00859EPSS

Exploits1References6Affected Software3

seebug.org•added 2007/04/27 12:0 a.m.•58 views

Asterisk SIP T.38 SDP解析远程栈溢出漏洞

Asterisk是一款PBX系统的软件，运行在Linux系统上，支持使用SIP、IAX、H323协议进行IP通话。 Asterisk的SIP/SDP处理器中存在多个远程栈溢出漏洞，远程攻击者可能利用此漏洞控制服务器。如果所发送SIP报文中的SDP数据包含有超长的T38参数的话，就可以触发这个溢出，导致执行任意代码。这个漏洞是由chansip.c文件中的processsdp函数调用sscanf所导致的： else if sscanfa, "T38FaxRateManagement:%s", s == 1 found = 1; if optiondebug 2 astlogLOGDEBUG...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by