Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2016/10/26 12:0 a.m.39 views

Debian DSA-3700-1 : asterisk - security update

Multiple vulnerabilities have been discovered in Asterisk, an open source PBX and telephony toolkit, which may result in denial of service or incorrect certificate validation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...

7.5CVSS6.3AI score0.46156EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2016/05/04 12:0 a.m.48 views

Debian DLA-455-1 : asterisk security update

CVE-2014-6610 Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the resfaxspandsp module, allows remote authenticated users to cause a denial of service crash via an out of call message, which is not properly handled in the...

9CVSS7.9AI score0.46156EPSS
Exploits1References8
Debian
Debian
added 2016/05/03 8:31 p.m.38 views

[SECURITY] [DLA 455-1] asterisk security update

Package : asterisk Version : 1:1.8.13.1dfsg1-3+deb7u4 CVE ID : CVE-2014-2286 CVE-2014-4046 CVE-2014-6610 CVE-2014-8412 CVE-2014-8418 CVE-2015-3008 Debian Bug : 741313 762164 771463 782411 CVE-2014-6610 Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6...

9CVSS5.8AI score0.46156EPSS
Exploits1
OSV
OSV
added 2016/05/03 12:0 a.m.46 views

DLA-455-1 asterisk - security update

Bulletin has no description...

9CVSS4.3AI score0.46156EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/04/28 12:0 a.m.33 views

Mandriva Linux Security Advisory : asterisk (MDVSA-2015:206)

Updated asterisk packages fix security vulnerability : When Asterisk registers to a SIP TLS device and and verifies the server, Asterisk will accept signed certificates that match a common name other than the one Asterisk is expecting if the signed certificate has a common name containing a null...

4.3CVSS7.2AI score0.46156EPSS
Exploits0References2
OSV
OSV
added 2015/04/15 9:1 a.m.11 views

MGASA-2015-0153 Updated asterisk packages fix CVE-2015-3008

Updated asterisk packages fix security vulnerability: When Asterisk registers to a SIP TLS device and verifies the server, Asterisk will accept signed certificates that match a common name other than the one Asterisk is expecting if the signed certificate has a common name containing a null byte...

4.3CVSS7.1AI score0.46156EPSS
Exploits0References5
Mageia
Mageia
added 2015/04/15 9:1 a.m.43 views

Updated asterisk packages fix CVE-2015-3008

Updated asterisk packages fix security vulnerability: When Asterisk registers to a SIP TLS device and verifies the server, Asterisk will accept signed certificates that match a common name other than the one Asterisk is expecting if the signed certificate has a common name containing a null byte...

4.3CVSS7.1AI score0.46156EPSS
Exploits0References4
securityvulns
securityvulns
added 2015/04/13 12:0 a.m.77 views

AST-2015-003: TLS Certificate Common name NULL byte exploit

Asterisk Project Security Advisory - AST-2015-003 Product Asterisk Summary TLS Certificate Common name NULL byte exploit Nature of Advisory Man in the Middle Attack Susceptibility Remote Authenticated Sessions Severity Major Exploits Known None Reported On 12 January, 2015 Reported By Maciej...

4.3CVSS0.5AI score0.46156EPSS
Exploits0
OSV
OSV
added 2015/04/10 3:0 p.m.5 views

CVE-2015-3008

Asterisk Open Source 1.8 before 1.8.32.3, 11.x before 11.17.1, 12.x before 12.8.2, and 13.x before 13.3.2 and Certified Asterisk 1.8.28 before 1.8.28-cert5, 11.6 before 11.6-cert11, and 13.1 before 13.1-cert2, when registering a SIP TLS device, does not properly handle a null byte in a domain nam...

7.2AI score
Exploits0References10
CVE
CVE
added 2015/04/10 2:0 p.m.115 views

CVE-2015-3008

CVE-2015-3008 affects Asterisk Open Source: 1.8 before 1.8.32.3, 11.x before 11.17.1, 12.x before 12.8.2, 13.x before 13.3.2, and Certified Asterisk equivalents (e.g., 1.8.28 before 1.8.28-cert5, 11.6 before 11.6-cert11, 13.1 before 13.1-cert2). Root cause: improper handling of a null byte in the...

4.3CVSS7.1AI score0.46156EPSS
Exploits0References10Affected Software2
Rows per page
Query Builder