Lucene search
K

51 matches found

debiancve
debiancve
added 2011/01/20 6:0 p.m.41 views

CVE-2011-0495

Stack-based buffer overflow in the asturiencode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary...

6CVSS7.5AI score0.04206EPSS
Exploits0
prion
prion
added 2010/02/23 8:30 p.m.19 views

Design/Logic Flaw

The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the $EXTEN channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters...

5CVSS7AI score0.01381EPSS
Exploits1References9Affected Software1
ubuntucve
ubuntucve
added 2010/02/23 8:30 p.m.36 views

CVE-2010-0685

The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the $EXTEN channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters...

5CVSS5.9AI score0.01381EPSS
Exploits1References2
nvd
nvd
added 2010/02/23 8:30 p.m.24 views

CVE-2010-0685

The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the $EXTEN channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters...

5CVSS6.5AI score0.01381EPSS
Exploits1References9
osv
osv
added 2010/02/23 8:30 p.m.2 views

DEBIAN-CVE-2010-0685

The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the $EXTEN channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters...

5CVSS6.8AI score0.01381EPSS
Exploits1References1
osv
osv
added 2010/02/23 8:30 p.m.11 views

CVE-2010-0685

The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the $EXTEN channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters...

6.7AI score
Exploits0References10
cve
cve
added 2010/02/23 8:0 p.m.71 views

CVE-2010-0685

The CVE-2010-0685 entry affects Asterisk Open Source 1.2.x/1.4.x/1.6.x and Asterisk Business Edition B.x.x/C.x.x, where the Dialplan expansion of the ${EXTEN} channel variable with wildcard pattern matches can be exploited by context-dependent attackers to inject strings into the dialplan. This a...

5CVSS6.6AI score0.01381EPSS
Exploits1References9Affected Software1
cvelist
cvelist
added 2010/02/23 8:0 p.m.26 views

CVE-2010-0685

The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the $EXTEN channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters...

6.4AI score0.01381EPSS
Exploits1References9
debiancve
debiancve
added 2010/02/23 8:0 p.m.43 views

CVE-2010-0685

The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the $EXTEN channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters...

5CVSS6.5AI score0.01381EPSS
Exploits1
securityvulns
securityvulns
added 2010/02/22 12:0 a.m.26 views

Asterisk dialplan modification

Atacker can control dialplan if $EXTEN macro is used...

3.6AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2010/02/22 12:0 a.m.39 views

AST-2010-002: Dialplan injection vulnerability

Asterisk Project Security Advisory - AST-2010-002 +------------------------------------------------------------------------+ | Product | Asterisk | |----------------------+-------------------------------------------------| | Summary | Dialplan injection vulnerability |...

0.5AI score
Exploits0
Rows per page
Query Builder