Asterisk

Asterisk

33 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2007-4455

  • EPSS 5.04%
  • Veröffentlicht 22.08.2007 01:17:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before 1.4.11, AsteriskNOW before beta7, Asterisk Appliance Developer Kit 0.x before 0.8.0, and s800i (Asterisk Appliance) 1.x before 1.0.3 allows remote attackers to cause a denial of s...

3.5

CVE-2007-4280

  • EPSS 2.78%
  • Veröffentlicht 09.08.2007 21:17:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, AsteriskNOW before beta7, Appliance Developer Kit before 0.7.0, and Appliance s800i before 1.0.3 allows remote authenticated users to cause a denial of service (applicatio...

5

CVE-2007-3765

  • EPSS 0.86%
  • Veröffentlicht 18.07.2007 17:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN ...

5

CVE-2007-3764

  • EPSS 45.63%
  • Veröffentlicht 18.07.2007 17:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denia...

5

CVE-2007-3763

  • EPSS 25.18%
  • Veröffentlicht 18.07.2007 17:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of...

9.3

CVE-2007-3762

  • EPSS 10.2%
  • Veröffentlicht 18.07.2007 17:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote...

10

CVE-2007-2488

  • EPSS 3.19%
  • Veröffentlicht 07.05.2007 19:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does not properly null terminate data, which allows remote attackers to trigger loss of transmitted data, and possibly obtain sensitive information (memory contents) or cause a denial of...

7.8

CVE-2007-2297

  • EPSS 2.1%
  • Veröffentlicht 26.04.2007 20:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The SIP channel driver (chan_sip) in Asterisk before 1.2.18 and 1.4.x before 1.4.3 does not properly parse SIP UDP packets that do not contain a valid response code, which allows remote attackers to cause a denial of service (crash).

7.8

CVE-2007-2294

  • EPSS 4.61%
  • Veröffentlicht 26.04.2007 20:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (crash) by using MD5 authentication to authenticate a user that does not have a password defined in manager.conf, resulting in...

7.6

CVE-2007-2293

Exploit
  • EPSS 48.99%
  • Veröffentlicht 26.04.2007 20:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple stack-based buffer overflows in the process_sdp function in chan_sip.c of the SIP channel T.38 SDP parser in Asterisk before 1.4.3 allow remote attackers to execute arbitrary code via a long (1) T38FaxRateManagement or (2) T38FaxUdpEC SDP pa...