CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2009-3723
https://notcve.org/view.php?id=CVE-2009-3723
29 Oct 2019 — asterisk allows calls on prohibited networks asterisk, permite llamadas sobre redes prohibidas • http://downloads.asterisk.org/pub/security/AST-2009-007.html • CWE-863: Incorrect Authorization •
CVSS: 9.0EPSS: 0%CPEs: 117EXPL: 0CVE-2012-2186 – Debian Security Advisory 2550-2
https://notcve.org/view.php?id=CVE-2012-2186
30 Aug 2012 — Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action. Vulnerabilidad de lista negra incompleta en main/manager.c ... • http://downloads.asterisk.org/pub/security/AST-2012-012.html •
CVSS: 6.5EPSS: 3%CPEs: 72EXPL: 0CVE-2012-2948 – Debian Security Advisory 2493-1
https://notcve.org/view.php?id=CVE-2012-2948
29 May 2012 — chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode. chan_skinny.c en el controlador de canal de Skinny (alias SCCP) en Certified Asterisk 1.8.11-cert antes de v1.8.11-cert2 y Asterisk Open Source v1.8.x antes de v1.8.12.1 y v10.x antes d... • http://archives.neohapsis.com/archives/bugtraq/2012-05/0145.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 192EXPL: 0CVE-2009-2346 – Asterisk Project Security Advisory - AST-2009-006
https://notcve.org/view.php?id=CVE-2009-2346
04 Sep 2009 — The IAX2 protocol implementation in Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and s800i 1.3.x before 1.3.0.3 allows remote attackers to cause a denial of service (call-number exhaustion) by initiating many IAX2 message exchanges, a related issue to CVE-2008-3263. La implementación del protocolo IAX2 en Asterisk Open Source v1.2.x antes de v1.2.35... • http://downloads.asterisk.org/pub/security/AST-2009-006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •