Lucene search
+L

43 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-4689

Malware in sbrugna...

5.3CVSS5.3AI score0.04031EPSS
Exploits0References5
nessus
nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2016-2316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - chansip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before...

7.1CVSS6.2AI score0.04973EPSS
Exploits1References2
susecve
susecve
added 2023/02/15 4:47 a.m.4 views

SUSE CVE-2017-7617

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...

8.8CVSS9.2AI score0.06243EPSS
Exploits0References4
veracode
veracode
added 2022/04/06 10:3 a.m.29 views

Denial Of Service (DoS)

asterisk is vulnerable to denial of service DoS attacks. A null pointer dereference in chansip while handling SDP negotiation allows an attacker to crash the system when handling an SDP answer to an outgoing T.38 re-invite...

5.3CVSS4.1AI score0.04031EPSS
Exploits0References5Affected Software1
redhatcve
redhatcve
added 2019/10/04 9:57 p.m.28 views

CVE-2008-1289

Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote...

7.5CVSS7.2AI score0.11523EPSS
Exploits2References3
osv
osv
added 2019/07/12 8:15 p.m.24 views

CVE-2019-13161

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chansip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to a...

5.3CVSS6.4AI score
Exploits0References4
prion
prion
added 2019/07/12 8:15 p.m.24 views

Null pointer dereference

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chansip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to a...

3.5CVSS5.3AI score0.04031EPSS
Exploits0References4Affected Software3
cve
cve
added 2019/07/12 7:24 p.m.398 views

CVE-2019-13161

CVE-2019-13161 affects Asterisk Open Source (through 13.x/14.x/15.x/16.x and Certified Asterisk up to 13.21-cert3). The issue is a pointer dereference in chan_sip during SDP negotiation, which can crash Asterisk when handling an SDP answer to an outgoing T.38 re-invite. Exploitation requires forc...

5.3CVSS5.3AI score0.04031EPSS
Exploits0References4Affected Software1
nessus
nessus
added 2017/05/22 12:0 a.m.13 views

FreeBSD : asterisk -- Buffer Overrun in PJSIP transaction layer (0537afa3-3ce0-11e7-bf9d-001999f8d30b)

The Asterisk project reports : A remote crash can be triggered by sending a SIP packet to Asterisk with a specially crafted CSeq header and a Via header with no branch parameter. The issue is that the PJSIP RFC 2543 transaction key generation algorithm does not allocate a large enough buffer. By...

5.7AI score
Exploits0References3
nessus
nessus
added 2017/04/13 12:0 a.m.39 views

Asterisk 13.13 < 13.13-cert3 / 13.x < 13.14.1 / 14.x < 14.3.1 CDR user Field RCE (AST-2017-001)

According to its SIP banner, the version of Asterisk running on the remote host is 13.13 prior to 13.13-cert3, 13.x prior to 13.14.1, or 14.x prior to 14.3.1. Is it, therefore, affected by a buffer overflow condition due to a failure to check the size when setting the user field on a CDR. An...

8.8CVSS8.2AI score0.06243EPSS
Exploits0References2
freebsd
freebsd
added 2017/04/12 12:0 a.m.24 views

asterisk -- Buffer Overrun in PJSIP transaction layer

The Asterisk project reports: A remote crash can be triggered by sending a SIP packet to Asterisk with a specially crafted CSeq header and a Via header with no branch parameter. The issue is that the PJSIP RFC 2543 transaction key generation algorithm does not allocate a large enough buffer. By...

2.1AI score
Exploits0References2
nvd
nvd
added 2017/04/10 2:59 p.m.28 views

CVE-2017-7617

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...

8.8CVSS9.1AI score0.06243EPSS
Exploits0References3
osv
osv
added 2017/04/10 2:59 p.m.3 views

UBUNTU-CVE-2017-7617

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...

8.8CVSS7.9AI score0.06243EPSS
Exploits0References5
prion
prion
added 2017/04/10 2:59 p.m.21 views

Buffer overflow

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...

6.5CVSS9AI score0.06243EPSS
Exploits0References3Affected Software2
ubuntucve
ubuntucve
added 2017/04/10 2:59 p.m.28 views

CVE-2017-7617

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...

8.8CVSS7.8AI score0.06243EPSS
Exploits0References4
osv
osv
added 2017/04/10 2:59 p.m.21 views

CVE-2017-7617

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...

8.8CVSS7.7AI score
Exploits0References3
debiancve
debiancve
added 2017/04/10 2:0 p.m.57 views

CVE-2017-7617

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...

8.8CVSS8.9AI score0.06243EPSS
Exploits0
osv
osv
added 2016/12/12 9:59 p.m.5 views

DEBIAN-CVE-2016-9938

An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chansip channel driver has a liberal definition for whitespace when attempting to strip the content betwe...

5.3CVSS7.1AI score0.03429EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2016/12/12 9:59 p.m.21 views

CVE-2016-9938

An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chansip channel driver has a liberal definition for whitespace when attempting to strip the content betwe...

5.3CVSS6.1AI score0.03429EPSS
Exploits0References3
prion
prion
added 2016/12/12 9:59 p.m.18 views

Authentication flaw

An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chansip channel driver has a liberal definition for whitespace when attempting to strip the content betwe...

5CVSS7.2AI score0.03429EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder