CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2005-2081
https://notcve.org/view.php?id=CVE-2005-2081
Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character. • http://marc.info/?l=bugtraq&m=111946399501080&w=2 http://www.portcullis-security.com/advisory/advisory-05-013.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/21115 •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2003-0779
https://notcve.org/view.php?id=CVE-2003-0779
SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string. Vulnerabilidad de inyección de SQL en la funcionalidad de registro Call Detail Record (CDR) de Asterisk permite a atacantes remotos ejecutra SQL arbitrario mediante una cadena CallerID. • http://www.atstake.com/research/advisories/2003/a091103-1.txt •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2003-0761
https://notcve.org/view.php?id=CVE-2003-0761
Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests. Desbordamiento de búfer en el get_msg_text de chan_sip.c en el protocolo de iniciación de sesión de entregas de Asterisk anteriores al 15/08/2003, permite a atacantes remotos ejecutar código arbitrario mediante ciertas peticiones MESSAGE o INFO. • http://www.atstake.com/research/advisories/2003/a090403-1.txt •