30 matches found
EUVD-2007-4263
Malware in sbrugna...
EUVD-2017-18294
Malware in sbrugna...
EUVD-2010-1254
Malware in sbrugna...
EUVD-2006-4333
Malware in sbrugna...
EUVD-2007-2289
Malware in sbrugna...
EUVD-2017-5611
Malware in sbrugna...
[SECURITY] [DLA 4206-1] asterisk security update
Debian LTS Advisory DLA-4206-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 02, 2025 https://wiki.debian.org/LTS Package : asterisk Version : 1:16.28.0dfsg-0+deb11u7 CVE ID : CVE-2025-47779 CVE-2025-47780 Debian Bug : 1106528 1106530 Two security...
Debian dla-4206 : asterisk - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4206 advisory. Debian LTS Advisory DLA-4206-1 [email protected]...
CVE-2025-47780
Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, trying to disallow shell commands to be run via the Asterisk command line interface (CLI) by configuring...
CVE-2025-47780
CVE-2025-47780 affects Asterisk and certified-asterisk. Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 (and 18.9-cert14, 20.7-cert5 for certified-asterisk), configuring cli_permissions.conf with deny=!* to block shell commands on the CLI does not work, potentially allowing shell access wh...
CVE-2025-47780 cli_permissions.conf: deny option does not work for disallowing shell commands
Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, trying to disallow shell commands to be run via the Asterisk command line interface (CLI) by configuring...
CVE-2003-0761
Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests...
[SECURITY] [DLA 4042-1] asterisk security update
Debian LTS Advisory DLA-4042-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert February 06, 2025 https://wiki.debian.org/LTS Package : asterisk Version : 1:16.28.0dfsg-0+deb11u6 CVE ID : CVE-2024-53566 Debian Bug : An issue has been found in asterisk, an Open Sourc...
[SECURITY] [DLA 3925-1] asterisk security update
Debian LTS Advisory DLA-3925-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 20, 2024 https://wiki.debian.org/LTS ...
CVE-2023-49294
Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, it is possible to read any arbitrary file even when the live_dangerously is not enabled. This allows arbitrary fil...
CVE-2009-3723
asterisk allows calls on prohibited networks...
CVE-2019-15297
res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1 allows an attacker to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. The crash occurs because of a NULL session media object dereference...
Buffer overflow
A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. Th...
CVE-2016-9938
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chan_sip channel driver has a liberal definition for whitespace when attempting to strip the content betwe...