5 results (0.011 seconds)

CVSS: 9.0EPSS: 1%CPEs: 117EXPL: 0

Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action. Vulnerabilidad de lista negra incompleta en main/manager.c en Asterisk Open Source v1.8.x antes de v1.8.15.1 y v10.x antes de v10.7.1, Certified Asterisk v1.8.11-8.1.11 antes de cert6, Digiumphones Asterisk v10.xx-digiumphones antes de v10.7.1-digiumphones y Asterisk Business Edition C.3.x antes de C.3.7.6 permite a usuarios remotos autenticados ejecutar comandos de su elección aprovechándose de los privilegios de origen y proporcionando un valor ExternalIVR en una acción IAM Originate. • http://downloads.asterisk.org/pub/security/AST-2012-012.html http://secunia.com/advisories/50687 http://secunia.com/advisories/50756 http://www.debian.org/security/2012/dsa-2550 http://www.securitytracker.com/id?1027460 •

CVSS: 4.0EPSS: 96%CPEs: 72EXPL: 0

chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode. chan_skinny.c en el controlador de canal de Skinny (alias SCCP) en Certified Asterisk 1.8.11-cert antes de v1.8.11-cert2 y Asterisk Open Source v1.8.x antes de v1.8.12.1 y v10.x antes de v10.4.1, permite a usuarios autenticados remotamente provocar una denegación de servicio (eliminar la referencia del puntero NULL y caída demonio) por el cierre de una conexión en el modo de descuelgue. • http://archives.neohapsis.com/archives/bugtraq/2012-05/0145.html http://downloads.asterisk.org/pub/security/AST-2012-008.html http://secunia.com/advisories/49303 http://www.debian.org/security/2012/dsa-2493 http://www.securityfocus.com/bid/53723 http://www.securitytracker.com/id?1027103 https://exchange.xforce.ibmcloud.com/vulnerabilities/75937 • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 5%CPEs: 192EXPL: 0

The IAX2 protocol implementation in Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and s800i 1.3.x before 1.3.0.3 allows remote attackers to cause a denial of service (call-number exhaustion) by initiating many IAX2 message exchanges, a related issue to CVE-2008-3263. La implementación del protocolo IAX2 en Asterisk Open Source v1.2.x antes de v1.2.35, v1.4.x antes de v1.4.26.2, v1.6.0.x antes de v1.6.0.15, v1.6.1.x antes de v1.6.1.x; Business Edition vB.x.x antes de que vB.2.5.10, vC.2.x antes vC.2.4.3 y vC.3.x antes de C.3.1.1; y S800i v1.3.x antes de v1.3.0.3 permite a atacantes remotos causar una denegación de servicio iniciando muchos intercambios de mensajes IAX2. Se trata de una aunto relacionado con la CVE-2008-3263. • http://downloads.asterisk.org/pub/security/AST-2009-006.html http://secunia.com/advisories/36593 http://securitytracker.com/id?1022819 http://www.securityfocus.com/archive/1/506257/100/0/threaded http://www.securityfocus.com/bid/36275 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 150EXPL: 0

IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. IAX2 en Asterisk Open Source v1.2.x anterior a v1.2.31, v1.4.x anterior a v1.4.23-rc4, y v1.6.x anterior a v1.6.0.3-rc2; Business Edition A.x.x, B.x.x anterior a B.2.5.7, C.1.x.x anterior a C.1.10.4, y C.2.x.x anterior a C.2.1.2.1; y s800i 1.2.x anterior a v1.3.0 responden de manera distinta ante un intento de acceso fallido dependiendo de si la cuenta de usuario existe, lo que permite a atacantes remotos listar nombres de usuario válidos. • http://downloads.digium.com/pub/security/AST-2009-001.html http://secunia.com/advisories/33453 http://secunia.com/advisories/34982 http://secunia.com/advisories/37677 http://security.gentoo.org/glsa/glsa-200905-01.xml http://securityreason.com/securityalert/4910 http://www.debian.org/security/2009/dsa-1952 http://www.securityfocus.com/archive/1/499884/100/0/threaded http://www.securityfocus.com/bid/33174 http://www.securitytracker.com/id?1021549 http://www.vupen.com/e • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 97%CPEs: 8EXPL: 3

Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote attackers to (1) write a zero to an arbitrary memory location via a large RTP payload number, related to the ast_rtp_unset_m_type function in main/rtp.c; or (2) write certain integers to an arbitrary memory location via a large number of RTP payloads, related to the process_sdp function in channels/chan_sip.c. Múltiples desbordamientos de búfer en Asterisk Open Source 1.4.x antes de 1.4.18.1 y 1.4.19-rc3, Open Source 1.6.x antes de 1.6.0-beta6, Business Edition C.x.x antes de C.1.6.1, AsteriskNOW 1.0.x antes de 1.0.2, Appliance Developer Kit antes de 1.4 revisión 109386 y s800i 1.1.x antes de 1.1.0.2 permite a atacantes remotos (1) escribir un cero en una posición de memoria de su elección a través de un número de carga útil (payload) RTP grande, relacionada con la función ast_rtp_unset_m_type en main/rtp.c; o (2) escribir ciertos enteros en una posición de memoria de su elección a través de un número grande de cargas útiles RTP, relacionadas con la función process_sdp en channels/chan_sip.c. • https://www.exploit-db.com/exploits/31440 http://downloads.digium.com/pub/security/AST-2008-002.html http://labs.musecurity.com/advisories/MU-200803-01.txt http://secunia.com/advisories/29426 http://secunia.com/advisories/29470 http://securityreason.com/securityalert/3763 http://securitytracker.com/id?1019628 http://www.asterisk.org/node/48466 http://www.securityfocus.com/archive/1/489817/100/0/threaded http://www.securityfocus.com/bid/28308 http://www.vupen.com/english&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •