CVE-2012-2186
https://notcve.org/view.php?id=CVE-2012-2186
Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action. Vulnerabilidad de lista negra incompleta en main/manager.c en Asterisk Open Source v1.8.x antes de v1.8.15.1 y v10.x antes de v10.7.1, Certified Asterisk v1.8.11-8.1.11 antes de cert6, Digiumphones Asterisk v10.xx-digiumphones antes de v10.7.1-digiumphones y Asterisk Business Edition C.3.x antes de C.3.7.6 permite a usuarios remotos autenticados ejecutar comandos de su elección aprovechándose de los privilegios de origen y proporcionando un valor ExternalIVR en una acción IAM Originate. • http://downloads.asterisk.org/pub/security/AST-2012-012.html http://secunia.com/advisories/50687 http://secunia.com/advisories/50756 http://www.debian.org/security/2012/dsa-2550 http://www.securitytracker.com/id?1027460 •
CVE-2012-2948
https://notcve.org/view.php?id=CVE-2012-2948
chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode. chan_skinny.c en el controlador de canal de Skinny (alias SCCP) en Certified Asterisk 1.8.11-cert antes de v1.8.11-cert2 y Asterisk Open Source v1.8.x antes de v1.8.12.1 y v10.x antes de v10.4.1, permite a usuarios autenticados remotamente provocar una denegación de servicio (eliminar la referencia del puntero NULL y caída demonio) por el cierre de una conexión en el modo de descuelgue. • http://archives.neohapsis.com/archives/bugtraq/2012-05/0145.html http://downloads.asterisk.org/pub/security/AST-2012-008.html http://secunia.com/advisories/49303 http://www.debian.org/security/2012/dsa-2493 http://www.securityfocus.com/bid/53723 http://www.securitytracker.com/id?1027103 https://exchange.xforce.ibmcloud.com/vulnerabilities/75937 • CWE-399: Resource Management Errors •
CVE-2009-0041
https://notcve.org/view.php?id=CVE-2009-0041
IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. IAX2 en Asterisk Open Source v1.2.x anterior a v1.2.31, v1.4.x anterior a v1.4.23-rc4, y v1.6.x anterior a v1.6.0.3-rc2; Business Edition A.x.x, B.x.x anterior a B.2.5.7, C.1.x.x anterior a C.1.10.4, y C.2.x.x anterior a C.2.1.2.1; y s800i 1.2.x anterior a v1.3.0 responden de manera distinta ante un intento de acceso fallido dependiendo de si la cuenta de usuario existe, lo que permite a atacantes remotos listar nombres de usuario válidos. • http://downloads.digium.com/pub/security/AST-2009-001.html http://secunia.com/advisories/33453 http://secunia.com/advisories/34982 http://secunia.com/advisories/37677 http://security.gentoo.org/glsa/glsa-200905-01.xml http://securityreason.com/securityalert/4910 http://www.debian.org/security/2009/dsa-1952 http://www.securityfocus.com/archive/1/499884/100/0/threaded http://www.securityfocus.com/bid/33174 http://www.securitytracker.com/id?1021549 http://www.vupen.com/e • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2008-3264
https://notcve.org/view.php?id=CVE-2008-3264
The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request. La implementación FWDOWNL firmware-download en Asterisk Open Source 1.0.x, 1.2.x antes de 1.2.30 y 1.4.x antes de 1.4.21.2; Business Edition A.x.x, B.x.x antes de B.2.5.4 y C.x.x antes de C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; y s800i 1.0.x antes de 1.2.0.1 permite a atacantes remotos provocar una denegación de servicio (amplificación del tráfico) mediante una petición IAX2 FWDOWNL. • http://downloads.digium.com/pub/security/AST-2008-011.html http://secunia.com/advisories/31178 http://secunia.com/advisories/31194 http://secunia.com/advisories/34982 http://security.gentoo.org/glsa/glsa-200905-01.xml http://www.securityfocus.com/archive/1/494676/100/0/threaded http://www.securityfocus.com/bid/30350 http://www.securitytracker.com/id?1020536 http://www.vupen.com/english/advisories/2008/2168/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43955 https • CWE-287: Improper Authentication •
CVE-2008-2119 – Asterisk 1.2.x - SIP channel driver / in pedantic mode Remote Crash
https://notcve.org/view.php?id=CVE-2008-2119
Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing (aka pedanticsipchecking) is enabled, allows remote attackers to cause a denial of service (daemon crash) via a SIP INVITE message that lacks a From header, related to invocations of the ast_uri_decode function, and improper handling of (1) an empty const string and (2) a NULL pointer. Asterisk Open Source 1.0.x y 1.2.x anterior 1.2.29 y Business Edition A.x.x y B.x.x anterior B.2.5.3, cuando "pedantic parsing" (también conocido como pedanticsipchecking) está activado, permite a atacantes remotos provocar una denegación de servicio (caída de demonio) a través de un mensaje SIP INVITE que carece de una cabecera From, relacionado con la invocación de la función ast_uri_decode y el manejo incorrecto de (1) una cadena const vacía y (2) un puntero NULL. • https://www.exploit-db.com/exploits/5749 http://bugs.digium.com/view.php?id=12607 http://downloads.digium.com/pub/security/AST-2008-008.html http://secunia.com/advisories/30517 http://secunia.com/advisories/34982 http://security.gentoo.org/glsa/glsa-200905-01.xml http://svn.digium.com/view/asterisk?view=rev&revision=120109 http://www.securityfocus.com/archive/1/493020/100/0/threaded http://www.securitytracker.com/id?1020166 http://www.vupen.com/english/advisories/2008 • CWE-20: Improper Input Validation •