Asterisk Security Vulnerabilities and Issues — Asterisk CVE List

Lucene search

DigiumAsterisk

2 matches found

CVE•added 2003/09/17 4:0 a.m.•62 views

CVE-2003-0761

Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests.

7.5CVSS8AI score0.00131EPSS

CVE•added 2003/09/22 4:0 a.m.•53 views

CVE-2003-0779

SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.

7.5CVSS8.2AI score0.00032EPSS