EUVD-2017-6104

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-16672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. A...

Linux Distros Unpatched Vulnerability : CVE-2016-2232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3...

Linux Distros Unpatched Vulnerability : CVE-2019-12827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in respjsipmessaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash...

Linux Distros Unpatched Vulnerability : CVE-2021-31878

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in PJSIP in Asterisk before 16.19.1 and before 18.5.1. To exploit, a re-INVITE without SDP must be received after Asterisk has sent a BY...

Linux Distros Unpatched Vulnerability : CVE-2024-42365

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Asterisk is an open source private branch exchange PBX and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk...

PT-2025-22514 · Sangoma +1 · Asterisk +2

Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 18.26.2 Asterisk versions prior to 20.14.1 Asterisk versions prior to 21.9.1 Asterisk versions prior to 22.4.1 certified-asterisk versions prior to 18.9-cert14 certified-asterisk versions prior to 20.7-cert5...

PT-2023-7750 · Sangoma +2 · Asterisk +3

Name of the Vulnerable Software and Affected Versions: Asterisk versions 18.20.0 and prior Asterisk versions 20.5.0 and prior Asterisk version 21.0.0 certified-asterisk versions 18.9-cert5 and prior Description: The issue is related to the PJSIP HEADER dialplan function in Asterisk, where the...

SUSE CVE-2007-6430

Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations "realtime" and host-based authentication, does not check the IP address when the username is correct and there is no...

SUSE CVE-2008-1332

Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x before 1.0.2; Appliance Developer Kit before 1.4 revision 109393; and s800i 1.0.x before 1.1.0.2;...

SUSE CVE-2008-1897

The IAX2 channel driver chaniax2 in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x before 1.4.19.1; Business Edition A.x.x, B.x.x before B.2.5.2, and C.x.x before C.1.8.1; AsteriskNOW before 1.0.3; Appliance Developer Kit 0.x.x; and s800i before 1.1.0.3, when configured to allow...

SUSE CVE-2011-0495

Stack-based buffer overflow in the asturiencode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary...

SUSE CVE-2018-7284

A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the respjsippubsub module stores the accepted formats present in the Accept headers of the request. Th...

PT-2022-26511 · Sangoma +1 · Asterisk +1

Name of the Vulnerable Software and Affected Versions: Sangoma Asterisk versions 16.28 and earlier, 17, 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1 Description: An issue was discovered in Sangoma Asterisk that allows a connected application to access files outside of the...

DEBIAN-CVE-2021-46837

respjsipt38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. This is a re-occurrenc...

ALPINE-CVE-2021-32558

An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...

PT-2021-11857 · Sangoma +1 · Asterisk +1

Name of the Vulnerable Software and Affected Versions: Sangoma Asterisk versions 13.38.1, 16.15.1, 17.9.1, and 18.1.1 Description: A buffer overflow in the res pjsip diversion.c file allows a remote attacker to crash Asterisk by deliberately misusing SIP 181 responses. Recommendations: For versio...

DEBIAN-CVE-2020-35652

An issue was discovered in respjsipdiversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is...

PT-2021-11818 · Asterisk +1 · Asterisk +1

Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 13.38.0 Asterisk versions 14.x through 16.x before 16.15.0 Asterisk versions 17.x before 17.9.0 Asterisk versions 18.x before 18.1.0 Description: An issue was discovered in res pjsip diversion.c. A crash can occur...

PT-2020-16952 · Sangoma +1 · Asterisk +1

Name of the Vulnerable Software and Affected Versions: Asterisk Open Source versions 13.x through 13.37.0 Asterisk Open Source versions 16.x through 16.14.0 Asterisk Open Source versions 17.x through 17.8.0 Asterisk Open Source versions 18.x through 18.0.0 Certified Asterisk versions prior to...