MidnightBSD

Advisories for asterisk

CVE-2007-5690 MEDIUM

Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
asterisk zaptel 1.4.5.1
CVE-2008-1897 MEDIUM

The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x before 1.4.19.1; Business Edition A.x.x, B.x.x before B.2.5.2, and C.x.x before C.1.8.1; AsteriskNOW before 1.0.3; Appliance Developer Kit 0.x.x; and s800i before 1.1.0.3, when configured to allow unauthenticated calls, does not verify that an ACK response contains a call number matching the server's reply to a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed ACK response that does not complete a 3-way handshake. NOTE: this issue exists because of an incomplete fix for CVE-2008-1923.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
asterisk asterisk_business_edition b.2.3.1
asterisk asterisk_appliance_developer_kit 0.8
asterisk open_source 1.4.16.1
asterisk open_source 1.0.2
asterisk open_source 1.0.3
asterisk open_source 1.0.8
asterisk open_source 1.2.3
asterisk open_source 1.4.12
asterisk open_source 1.2.12
asterisk open_source *
asterisk open_source 1.4.18.1
asterisk open_source 1.2.23
asterisk s800i 1.0.3.3
asterisk open_source 1.0.12
asterisk open_source 1.2.22
asterisk open_source 1.2.9.1
asterisk open_source 1.2.17
asterisk open_source 1.2.26
asterisk open_source 1.2.16
asterisk open_source 1.2.2
asterisk open_source 1.2.26.1
asterisk open_source 1.2.24
asterisk open_source 1.0.0
asterisk open_source 1.0.4
asterisk open_source 1.4.0
asterisk open_source 1.4.18
asterisk open_source 1.2.5
asterisk asterisk_business_edition c.1.6.1
asterisk open_source 1.2.1
asterisk asterisk_appliance_developer_kit 0.6
asterisk asterisk_appliance_developer_kit 0.6.0
asterisk open_source 1.4.12.1
asterisk open_source 1.2.19
asterisk open_source 1.2.4
asterisk asterisk_business_edition b.2.2.0
asterisk open_source 1.2.0
asterisk open_source 1.0.7
asterisk asterisk_appliance_developer_kit 0.5
asterisk open_source 1.2.26.2
asterisk asterisk_business_edition b.2.5.0
asterisk s800i *
asterisk asterisk_business_edition b.1.3.3
asterisk open_source 1.2.7
asterisk open_source 1.2.7.1
asterisk asterisk_appliance_developer_kit 0.2
asterisk open_source 1.2.14
asterisk open_source 1.2.20
asterisk open_source 1.0.6
asterisk open_source 1.0.11.1
asterisk open_source 1.4.16.2
asterisk open_source 1.0.9
asterisk asterisknow 1.0
asterisk open_source 1.4.16
asterisk open_source 1.0.3.4
asterisk asterisk_business_edition *
asterisk open_source 1.2.15
asterisk s800i 1.1.0.1
asterisk asterisk_business_edition a
asterisk asterisknow *
asterisk asterisk_business_edition b.2.3.4
asterisk open_source 1.2.21
asterisk asterisk_business_edition c.1.6.2
asterisk open_source 1.0.1
asterisk open_source 1.4.14
asterisk asterisk_appliance_developer_kit 0.4
asterisk open_source 1.2.8
asterisk open_source 1.2.21.1
asterisk asterisk_appliance_developer_kit 0.3
asterisk open_source 1.0.11
asterisk s800i 1.1.0
asterisk open_source 1.4.11
asterisk open_source 1.2.12.1
asterisk asterisk_business_edition c.1.6
asterisk open_source 1.2.11
asterisk open_source 1.0.5
asterisk s800i 1.0
asterisk asterisknow 1.0.1
asterisk open_source 1.2.18
asterisk open_source 1.4.17
asterisk open_source 1.4.10.1
asterisk open_source 1.2.25
asterisk asterisk_business_edition b.2.3.3
asterisk open_source 1.2.10
asterisk asterisk_business_edition b.2.3.2
asterisk s800i 1.0.1
asterisk open_source 1.4.13
asterisk asterisk_appliance_developer_kit 0.7
asterisk asterisk_business_edition c.1.0
asterisk open_source 1.4.15
asterisk asterisk_business_edition b.1.3.2
asterisk open_source 1.2.13
asterisk s800i 1.0.2
asterisk s800i 1.0.3
asterisk open_source 1.2.9
asterisk open_source 1.4.1
asterisk asterisk_business_edition b.2.2.1
asterisk open_source 1.0
asterisk open_source 1.2.6
asterisk asterisk_business_edition b.2.3.6
asterisk open_source 1.4.10
CVE-2009-2346 HIGH

The IAX2 protocol implementation in Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and s800i 1.3.x before 1.3.0.3 allows remote attackers to cause a denial of service (call-number exhaustion) by initiating many IAX2 message exchanges, a related issue to CVE-2008-3263.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
asterisk opensource 1.4.23.2
asterisk open_source 1.4beta
asterisk opensource 1.4.24
asterisk asterisk b.2.2.1
asterisk open_source 1.4.4
asterisk asterisk c.1.6.2
asterisk open_source 1.4.22.2
asterisk open_source 1.4.16.1
asterisk asterisk c.3.1.0
asterisk open_source 1.4.19.1
asterisk open_source 1.2.3
asterisk open_source 1.4.12
asterisk open_source 1.4.21.1
asterisk open_source 1.2.12
asterisk open_source 1.4.18.1
asterisk open_source 1.2.34
asterisk open_source 1.2.23
asterisk asterisk b.2.3.6
asterisk asterisk b.2.5.4
asterisk open_source 1.2.22
asterisk open_source 1.2.9.1
asterisk open_source 1.2.31
asterisk open_source 1.2.17
asterisk open_source 1.2.26
asterisk open_source 1.2.16
asterisk asterisk c.2.3
asterisk open_source 1.2.2
asterisk open_source 1.2.26.1
asterisk asterisk c.2.3.3
asterisk open_source 1.2.24
asterisk asterisk b.1.3.3
asterisk open_source 1.4.6
asterisk open_source 1.4.0
asterisk asterisk b.2.3.1
asterisk asterisk c.1.6.1
asterisk open_source 1.4.18
asterisk open_source 1.2.5
asterisk open_source 1.2.1
asterisk open_source 1.2.29
asterisk asterisk b.2.5.6
asterisk open_source 1.4.12.1
asterisk open_source 1.2.19
sangoma asterisk 1.6.1.4
asterisk open_source 1.2.4
asterisk open_source 1.2.28
asterisk asterisk b.2.5.5
asterisk open_source 1.2.30.3
asterisk open_source 1.6.1.0
asterisk opensource 1.4.24.1
asterisk open_source 1.2.0
asterisk asterisk b.2.3.3
asterisk open_source 1.4.19.2
asterisk open_source 1.4.21
asterisk open_source 1.2.26.2
asterisk open_source 1.6.1.5
asterisk opensource 1.4.26
asterisk open_source 1.2.7
asterisk open_source 1.4.22.1
asterisk open_source 1.2.7.1
asterisk open_source 1.6.0
asterisk open_source 1.2.14
asterisk opensource 1.4.26.1
asterisk open_source 1.4.22
asterisk open_source 1.2.20
asterisk asterisk b.1.3.2
asterisk asterisk b.2.3.2
asterisk asterisk b.2.5.8
asterisk asterisk c.1.6
asterisk open_source 1.4.2
asterisk asterisk c.1.10.4
asterisk asterisk c.2.1.2.1
asterisk asterisk b.2.3.4
asterisk open_source 1.4.16.2
asterisk asterisk b.2.3.5
asterisk open_source 1.4.9
asterisk open_source 1.4.16
asterisk asterisk b.2.2.0
asterisk open_source 1.2.15
asterisk open_source 1.2.30.2
asterisk asterisk c.1.10.5
asterisk asterisk b.2.5.3
asterisk open_source 1.2.21
asterisk open_source 1.4.14
asterisk open_source 1.2.30
sangoma asterisk 1.6.1
asterisk open_source 1.2.30.4
asterisk asterisk b.2.5.1
asterisk open_source 1.2.8
asterisk open_source 1.2.21.1
asterisk open_source 1.4.7
asterisk open_source 1.4.11
asterisk open_source 1.4.8
asterisk open_source 1.4.19
asterisk open_source 1.2.12.1
asterisk open_source 1.2.11
asterisk open_source 1.2.18
asterisk open_source 1.4.17
asterisk asterisk c.1.8.1
asterisk open_source 1.4.10.1
asterisk asterisk c.2.4.2
asterisk open_source 1.2.25
asterisk open_source 1.2.33
asterisk open_source 1.2.10
asterisk open_source 1.4.23
asterisk open_source 1.4.21.2
asterisk appliance_s800i 1.3
asterisk open_source 1.2.27
asterisk open_source 1.4.5
asterisk open_source 1.4.13
asterisk open_source 1.4.7.1
asterisk open_source 1.4.15
asterisk open_source 1.6.0.1
asterisk appliance_s800i 1.3.0.2
asterisk open_source 1.2.13
asterisk open_source 1.2.9
asterisk open_source 1.4.1
asterisk asterisk c.1.0_beta8
asterisk open_source 1.2.6
asterisk open_source 1.6.0.3
asterisk open_source 1.4.20
asterisk open_source 1.2.32
asterisk asterisk c.1.10.3
asterisk asterisk c.1.0_beta7
asterisk open_source 1.4.3
asterisk asterisk b.2.5.9
asterisk open_source 1.4.10
asterisk open_source 1.6.0.2
CVE-2010-0441 MEDIUM

Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service (daemon crash) via an SIP T.38 negotiation with an SDP FaxMaxDatagram field that is (1) missing, (2) modified to contain a negative number, or (3) modified to contain a large number.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
asterisk asterisk 1.6.0.17
asterisk asterisk 1.6.0.8
asterisk asterisk 1.6.1.10
asterisk asterisk 1.6.1.13
asterisk asterisk 1.6.1.2
asterisk asterisk 1.6.0.20
asterisk asterisk 1.6.1.1
asterisk asterisk 1.6.10-rc1
asterisk asterisk 1.6.0.15
asterisk asterisk 1.6.1.7-rc2
asterisk asterisk 1.6.1.5
asterisk asterisk c.3.1.0
asterisk asterisk 1.6.0.18
asterisk asterisk 1.6.0.3
asterisk asterisk 1.6.1.0
asterisk asterisk 1.6.1.12
asterisk asterisk 1.6.2.1
asterisk asterisk 1.6.1.13-rc1
asterisk asterisk 1.6.1.4
asterisk asterisk 1.6.1.6
asterisk asterisk 1.6.0.18-rc1
asterisk asterisk c.3.1.1
asterisk asterisk 1.6.0.6
asterisk asterisk 1.6.1.8
asterisk asterisk 1.6.0.21
asterisk asterisk 1.6.0.19
asterisk asterisk 1.6.0.18-rc2
asterisk asterisk 1.6.0.20-rc1
asterisk asterisk 1.6.10-rc2
asterisk asterisk 1.6.1.11
asterisk asterisk 1.6.0.10
asterisk asterisk 1.6.0.14
asterisk asterisk 1.6.1.9
asterisk asterisk 1.6.2.1-rc1
asterisk asterisk 1.6.0.1
asterisk asterisk 1.6.0.2
asterisk asterisk 1.6.1.10-rc2
asterisk asterisk c.3.3.3
asterisk asterisk 1.6.0.18-rc3
asterisk asterisk 1.6.1.10-rc3
asterisk asterisk 1.6.0.13
asterisk asterisk 1.6.0.12
asterisk asterisk 1.6.1.12-rc1
asterisk asterisk 1.6.0
asterisk asterisk 1.6.0.16-rc2
asterisk asterisk 1.6.1.10-rc1
asterisk asterisk c.3.2.2
asterisk asterisk 1.6.1.7-rc1
asterisk asterisk 1.6.0.5
asterisk asterisk 1.6.0.16-rc1
asterisk asterisk 1.6.0.21-rc1
asterisk asterisk 1.6.0.7
asterisk asterisk 1.6.0.9
CVE-2011-4063 MEDIUM

chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
asterisk open_source 10.0.0
asterisk open_source 1.8.7
CVE-2012-0885 MEDIUM

chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SDP message with a crypto attribute and a (1) video or (2) text media type, as demonstrated by CSipSimple.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
asterisk open_source 1.8.4.2
asterisk open_source 1.8.5
asterisk open_source 1.8.5.0
asterisk open_source 1.8.4.4
asterisk open_source 1.8.7.1
asterisk open_source 1.8.2.3
asterisk open_source 1.8.8.0
asterisk open_source 1.8.8.1
asterisk open_source 1.8.1
asterisk open_source 1.8.0
asterisk open_source 1.8.2.4
asterisk open_source 1.8.3
asterisk open_source 1.8.4.3
asterisk open_source 1.8.7.0
asterisk open_source 1.8.4
asterisk open_source 1.8.4.1
asterisk open_source 1.8.2
asterisk open_source 1.8.6.0
asterisk open_source 1.8.7.2
asterisk open_source 1.8.3.1
asterisk open_source 1.8.2.2
asterisk open_source 10.0.0
asterisk open_source 1.8.3.2
asterisk open_source 1.8.3.3
asterisk open_source 1.8.1.2
asterisk open_source 1.8.2.1
asterisk open_source 1.8.1.1
CVE-2012-2186 HIGH

Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
asterisk open_source 1.8.4.2
asterisk open_source 1.8.11.1
sangoma asterisk *
asterisk open_source 1.8.2.3
asterisk open_source 1.8.8.0
asterisk business_edition *
asterisk open_source 1.8.12
asterisk open_source 1.8.10.1
asterisk open_source 1.8.11.0
asterisk open_source 1.8.2.4
asterisk digiumphones *
asterisk open_source 10.1.3
asterisk open_source 1.8.4
asterisk open_source 1.8.4.1
asterisk open_source 1.8.8.2
asterisk open_source 1.8.2
asterisk open_source 1.8.6.0
asterisk open_source 1.8.9.0
asterisk open_source 1.8.7.2
asterisk open_source 1.8.3.1
asterisk certified_asterisk *
asterisk open_source 10.2.1
asterisk open_source 1.8.2.2
asterisk open_source 1.8.3.2
asterisk open_source 1.8.12.0
asterisk open_source 1.8.2.1
asterisk open_source 10.3
asterisk open_source 10.1.0
asterisk open_source 1.8.5
asterisk open_source 1.8.5.0
asterisk open_source 1.8.7
asterisk certified_asterisk 1.8.11
asterisk open_source 10.3.1
asterisk open_source 1.8.4.4
asterisk open_source 1.8.7.1
asterisk open_source 1.8.8.1
asterisk open_source 10.2.0
asterisk open_source 1.8.1
asterisk open_source 1.8.0
asterisk open_source 10.1.2
asterisk open_source 1.8.3
asterisk open_source 1.8.4.3
asterisk open_source 1.8.9.3
asterisk open_source 1.8.7.0
asterisk open_source 10.0.1
asterisk open_source 10.1.1
asterisk open_source 1.8.9.2
asterisk open_source 10.0.0
asterisk open_source 1.8.3.3
asterisk open_source 1.8.9.1
asterisk open_source 1.8.1.2
asterisk open_source 1.8.10.0
asterisk open_source 10.3.0
asterisk business_edition c.3.0
asterisk open_source 10.4.0
asterisk open_source 1.8.1.1
CVE-2012-2414 MEDIUM

main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to execute arbitrary commands via (1) the originate action in the MixMonitor application, (2) the SHELL and EVAL functions in the GetVar manager action, or (3) the SHELL and EVAL functions in the Status manager action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
asterisk open_source 1.8.4.2
asterisk open_source 1.6.2.16
asterisk open_source 1.6.2.19
asterisk open_source 1.6.2.23
asterisk open_source 1.6.2.7
asterisk open_source 1.6.2.15
asterisk open_source 1.6.2.8
asterisk open_source 1.8.2.3
asterisk open_source 1.8.8.0
asterisk open_source 1.6.2.17
asterisk open_source 1.6.2.18.1
asterisk open_source 1.8.10.1
asterisk open_source 1.6.2.17.3
asterisk open_source 1.8.11.0
asterisk open_source 1.6.2.17.2
asterisk open_source 1.8.2.4
asterisk open_source 1.6.2.15.1
asterisk open_source 10.1.3
asterisk open_source 1.8.4
asterisk open_source 1.8.4.1
asterisk open_source 1.8.8.2
asterisk open_source 1.8.2
asterisk open_source 1.8.6.0
asterisk open_source 1.8.9.0
asterisk open_source 1.8.7.2
asterisk open_source 1.8.3.1
asterisk open_source 10.2.1
asterisk open_source 1.8.2.2
asterisk open_source 1.8.3.2
asterisk open_source 1.6.2.11
asterisk open_source 1.6.2.3
asterisk open_source 1.8.2.1
asterisk open_source 1.6.2.12
asterisk open_source 1.6.2.14
asterisk open_source 1.6.2.20
asterisk open_source 10.1.0
asterisk open_source 1.6.2.2
asterisk open_source 1.8.5
asterisk open_source 1.8.5.0
asterisk open_source 1.6.2.0
asterisk open_source 1.6.2.21
asterisk open_source 1.6.2.16.1
asterisk open_source 1.8.4.4
asterisk open_source 1.8.7.1
asterisk open_source 1.8.8.1
asterisk open_source 10.2.0
asterisk open_source 1.6.2.5
asterisk open_source 1.8.1
asterisk open_source 1.6.2.18
asterisk open_source 1.6.2.22
asterisk open_source 1.8.0
asterisk open_source 1.6.2.17.1
asterisk open_source 10.1.2
asterisk open_source 1.8.3
asterisk open_source 1.6.2.9
asterisk open_source 1.6.2.13
asterisk open_source 1.8.4.3
asterisk open_source 1.8.9.3
asterisk open_source 1.8.7.0
asterisk open_source 10.0.1
asterisk open_source 1.6.2.16.2
asterisk open_source 10.1.1
asterisk open_source 1.6.2.18.2
asterisk open_source 1.8.9.2
asterisk open_source 1.6.2.10
asterisk open_source 10.0.0
asterisk open_source 1.8.3.3
asterisk open_source 1.8.9.1
asterisk open_source 1.6.2.4
asterisk open_source 1.8.1.2
asterisk open_source 1.8.10.0
asterisk open_source 1.6.2.1
asterisk open_source 10.3.0
asterisk open_source 1.6.2.6
asterisk open_source 1.8.1.1
CVE-2012-2415 MEDIUM

Heap-based buffer overflow in chan_skinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 allows remote authenticated users to cause a denial of service or possibly have unspecified other impact via a series of KEYPAD_BUTTON_MESSAGE events.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
asterisk open_source 1.8.4.2
asterisk open_source 1.6.2.16
asterisk open_source 1.6.2.19
asterisk open_source 1.6.2.23
asterisk open_source 1.6.2.7
asterisk open_source 1.6.2.15
asterisk open_source 1.6.2.8
asterisk open_source 1.8.2.3
asterisk open_source 1.8.8.0
asterisk open_source 1.6.2.17
asterisk open_source 1.6.2.18.1
asterisk open_source 1.8.10.1
asterisk open_source 1.6.2.17.3
asterisk open_source 1.8.11.0
asterisk open_source 1.6.2.17.2
asterisk open_source 1.8.2.4
asterisk open_source 1.6.2.15.1
asterisk open_source 10.1.3
asterisk open_source 1.8.4
asterisk open_source 1.8.4.1
asterisk open_source 1.8.8.2
asterisk open_source 1.8.2
asterisk open_source 1.8.6.0
asterisk open_source 1.8.9.0
asterisk open_source 1.8.7.2
asterisk open_source 1.8.3.1
asterisk open_source 10.2.1
asterisk open_source 1.8.2.2
asterisk open_source 1.8.3.2
asterisk open_source 1.6.2.11
asterisk open_source 1.6.2.3
asterisk open_source 1.8.2.1
asterisk open_source 1.6.2.12
asterisk open_source 1.6.2.14
asterisk open_source 1.6.2.20
asterisk open_source 10.1.0
asterisk open_source 1.6.2.2
asterisk open_source 1.8.5
asterisk open_source 1.8.5.0
asterisk open_source 1.6.2.0
asterisk open_source 1.6.2.21
asterisk open_source 1.6.2.16.1
asterisk open_source 1.8.4.4
asterisk open_source 1.8.7.1
asterisk open_source 1.8.8.1
asterisk open_source 10.2.0
asterisk open_source 1.6.2.5
asterisk open_source 1.8.1
asterisk open_source 1.6.2.18
asterisk open_source 1.6.2.22
asterisk open_source 1.8.0
asterisk open_source 1.6.2.17.1
asterisk open_source 10.1.2
asterisk open_source 1.8.3
asterisk open_source 1.6.2.9
asterisk open_source 1.6.2.13
asterisk open_source 1.8.4.3
asterisk open_source 1.8.9.3
asterisk open_source 1.8.7.0
asterisk open_source 10.0.1
asterisk open_source 1.6.2.16.2
asterisk open_source 10.1.1
asterisk open_source 1.6.2.18.2
asterisk open_source 1.8.9.2
asterisk open_source 1.6.2.10
asterisk open_source 10.0.0
asterisk open_source 1.8.3.3
asterisk open_source 1.8.9.1
asterisk open_source 1.6.2.4
asterisk open_source 1.8.1.2
asterisk open_source 1.8.10.0
asterisk open_source 1.6.2.1
asterisk open_source 10.3.0
asterisk open_source 1.6.2.6
asterisk open_source 1.8.1.1
CVE-2012-2416 MEDIUM

chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE message that triggers a connected-line update attempt without an associated channel.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
asterisk open_source 1.8.4.2
asterisk open_source 1.6.2.16
asterisk open_source 1.6.2.19
asterisk open_source 1.6.2.23
asterisk open_source 1.6.2.7
asterisk open_source 1.6.2.15
asterisk open_source 1.6.2.8
asterisk open_source 1.8.2.3
asterisk open_source 1.8.8.0
asterisk open_source 1.6.2.17
asterisk open_source 1.6.2.18.1
asterisk open_source 1.8.10.1
asterisk open_source 1.6.2.17.3
asterisk open_source 1.8.11.0
asterisk open_source 1.6.2.17.2
asterisk open_source 1.8.2.4
asterisk open_source 1.6.2.15.1
asterisk open_source 10.1.3
asterisk open_source 1.8.4
asterisk open_source 1.8.4.1
asterisk open_source 1.8.8.2
asterisk open_source 1.8.2
asterisk open_source 1.8.6.0
asterisk open_source 1.8.9.0
asterisk open_source 1.8.7.2
asterisk open_source 1.8.3.1
asterisk open_source 10.2.1
asterisk open_source 1.8.2.2
asterisk open_source 1.8.3.2
asterisk open_source 1.6.2.11
asterisk open_source 1.6.2.3
asterisk open_source 1.8.2.1
asterisk open_source 1.6.2.12
asterisk open_source 1.6.2.14
asterisk open_source 1.6.2.20
asterisk open_source 10.1.0
asterisk open_source 1.6.2.2
asterisk open_source 1.8.5
asterisk open_source 1.8.5.0
asterisk open_source 1.6.2.0
asterisk open_source 1.6.2.21
asterisk open_source 1.6.2.16.1
asterisk open_source 1.8.4.4
asterisk open_source 1.8.7.1
asterisk open_source 1.8.8.1
asterisk open_source 10.2.0
asterisk open_source 1.6.2.5
asterisk open_source 1.8.1
asterisk open_source 1.6.2.18
asterisk open_source 1.6.2.22
asterisk open_source 1.8.0
asterisk open_source 1.6.2.17.1
asterisk open_source 10.1.2
asterisk open_source 1.8.3
asterisk open_source 1.6.2.9
asterisk open_source 1.6.2.13
asterisk open_source 1.8.4.3
asterisk open_source 1.8.9.3
asterisk open_source 1.8.7.0
asterisk open_source 10.0.1
asterisk open_source 1.6.2.16.2
asterisk open_source 10.1.1
asterisk open_source 1.6.2.18.2
asterisk open_source 1.8.9.2
asterisk open_source 1.6.2.10
asterisk open_source 10.0.0
asterisk open_source 1.8.3.3
asterisk open_source 1.8.9.1
asterisk open_source 1.6.2.4
asterisk open_source 1.8.1.2
asterisk open_source 1.8.10.0
asterisk open_source 1.6.2.1
asterisk open_source 10.3.0
asterisk open_source 1.6.2.6
asterisk open_source 1.8.1.1
CVE-2012-2948 MEDIUM

chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
asterisk open_source 1.8.0
asterisk open_source 10.1.0
asterisk open_source 1.8.11.0
asterisk open_source 1.8.3
asterisk open_source 1.8.5
asterisk open_source 1.8.5.0
asterisk open_source 1.8.7.0
sangoma asterisk *
asterisk open_source 1.8.2
asterisk open_source 1.8.6.0
asterisk open_source 1.8.9.0
asterisk certified_asterisk 1.8.11
asterisk open_source 10.0.0
asterisk open_source 1.8.12.0
asterisk open_source 1.8.10.0
asterisk open_source 10.3.0
asterisk open_source 1.8.8.0
asterisk open_source 10.4.0
asterisk open_source 10.2.0
asterisk open_source 1.8.1
asterisk open_source 10.3
asterisk open_source 1.8.12
CVE-2013-2264 MEDIUM

The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x before C.3.8.1; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones exhibits different behavior for invalid INVITE, SUBSCRIBE, and REGISTER transactions depending on whether the user account exists, which allows remote attackers to enumerate account names by (1) reading HTTP status codes, (2) reading additional text in a 403 (aka Forbidden) response, or (3) observing whether certain retransmissions occur.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
asterisk open_source 1.8.4.2
asterisk open_source 1.8.12.1
asterisk open_source 1.8.11.1
asterisk open_source 10.10.1
asterisk digiumphones 10.2.0
asterisk business_edition c.3.2.2
asterisk open_source 10.5.1
asterisk open_source 10.7.0
asterisk open_source 10.5.2
asterisk open_source 1.8.11.0
asterisk open_source 1.8.2.4
asterisk digiumphones 10.9.0
asterisk digiumphones 10.7.0
asterisk digiumphones 10.10.0
asterisk open_source 1.8.19.0
asterisk open_source 1.8.8.2
asterisk digiumphones 10.5.0
asterisk open_source 1.8.2
asterisk open_source 1.8.6.0
asterisk open_source 1.8.9.0
asterisk open_source 1.8.12.0
asterisk open_source 1.8.15.0
asterisk digiumphones 10.6.0
asterisk digiumphones 10.0.0
asterisk certified_asterisk 1.8.15
asterisk open_source 10.9.0
asterisk open_source 1.8.5.0
asterisk open_source 10.12.1
asterisk open_source 1.8.13.0
asterisk open_source 10.3.1
asterisk open_source 1.8.16.0
asterisk open_source 1.8.4.4
asterisk open_source 1.8.17.0
asterisk open_source 10.11.0
asterisk open_source 10.2.0
asterisk open_source 1.8.1
asterisk open_source 11.1.2
asterisk open_source 10.6.1
asterisk open_source 1.8.14.1
asterisk open_source 1.8.0
asterisk digiumphones 10.3.0
asterisk open_source 10.6.0
asterisk open_source 10.1.2
asterisk open_source 1.8.4.3
asterisk open_source 1.8.20.0
asterisk open_source 1.8.7.0
asterisk open_source 11.1.0
asterisk open_source 10.0.1
asterisk open_source 10.1.1
asterisk open_source 11.0.2
asterisk open_source 10.10.0
asterisk open_source 1.8.9.1
asterisk open_source 11.2.0
asterisk open_source 11.2.1
asterisk open_source 10.3.0
asterisk open_source 1.8.20.1
asterisk open_source 11.0.0
asterisk certified_asterisk 1.8.15.0
asterisk open_source 11.1.1
asterisk open_source 1.8.14.0
asterisk open_source 10.11.1
asterisk digiumphones 10.12.1
asterisk open_source 1.8.2.3
asterisk open_source 1.8.8.0
asterisk open_source 1.8.12
asterisk open_source 1.8.10.1
asterisk open_source 10.7.1
asterisk open_source 10.1.3
asterisk open_source 1.8.18.0
asterisk open_source 1.8.4
asterisk open_source 1.8.4.1
asterisk open_source 10.8.0
asterisk business_edition c.3.3
asterisk open_source 1.8.7.2
asterisk open_source 1.8.18.1
asterisk open_source 1.8.3.1
asterisk open_source 10.2.1
asterisk open_source 1.8.2.2
asterisk open_source 1.8.3.2
asterisk open_source 1.8.2.1
asterisk open_source 10.1.0
asterisk digiumphones 10.8.0
asterisk open_source 1.8.5
asterisk open_source 1.8.12.2
asterisk digiumphones 10.12.0
asterisk open_source 10.4.2
asterisk open_source 1.8.7.1
asterisk open_source 1.8.15.1
asterisk open_source 10.4.1
asterisk digiumphones 10.4.0
asterisk open_source 10.5.0
asterisk open_source 1.8.8.1
asterisk digiumphones 10.1.0
asterisk digiumphones 10.11.0
asterisk open_source 1.8.19.1
asterisk open_source 1.8.3
asterisk open_source 1.8.9.3
asterisk open_source 1.8.13.1
asterisk open_source 1.8.9.2
asterisk business_edition c.3.3.2
asterisk open_source 10.0.0
asterisk open_source 1.8.3.3
asterisk open_source 1.8.1.2
asterisk open_source 1.8.10.0
asterisk open_source 10.12.0
asterisk open_source 11.0.1
asterisk open_source 10.4.0
asterisk open_source 1.8.1.1
CVE-2013-2685 HIGH

Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Protocol (SDP) header.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
asterisk open_source 11.2.0
asterisk open_source 11.2.1
asterisk open_source 11.0.0
asterisk open_source 11.1.0
asterisk open_source 11.0.1
asterisk open_source 11.1.1
asterisk open_source 11.0.2
asterisk open_source 11.1.2
CVE-2013-2686 MEDIUM

main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which allows remote attackers to conduct stack-consumption attacks and cause a denial of service (daemon crash) via a crafted HTTP POST request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-5976.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
asterisk open_source 1.8.4.2
asterisk open_source 1.8.12.1
asterisk open_source 1.8.11.1
asterisk open_source 10.10.1
asterisk digiumphones 10.2.0
asterisk open_source 10.5.1
asterisk open_source 10.7.0
asterisk open_source 10.5.2
asterisk open_source 1.8.11.0
asterisk open_source 1.8.2.4
asterisk digiumphones 10.9.0
asterisk digiumphones 10.7.0
asterisk digiumphones 10.10.0
asterisk open_source 1.8.19.0
asterisk open_source 1.8.8.2
asterisk digiumphones 10.5.0
asterisk open_source 1.8.2
asterisk open_source 1.8.6.0
asterisk open_source 1.8.9.0
asterisk open_source 1.8.12.0
asterisk open_source 1.8.15.0
asterisk digiumphones 10.6.0
asterisk digiumphones 10.0.0
asterisk certified_asterisk 1.8.15
asterisk open_source 10.9.0
asterisk open_source 1.8.5.0
asterisk open_source 10.12.1
asterisk open_source 1.8.13.0
asterisk open_source 10.3.1
asterisk open_source 1.8.16.0
asterisk open_source 1.8.4.4
asterisk open_source 1.8.17.0
asterisk open_source 10.11.0
asterisk open_source 10.2.0
asterisk open_source 1.8.1
asterisk open_source 11.1.2
asterisk open_source 10.6.1
asterisk open_source 1.8.14.1
asterisk open_source 1.8.0
asterisk digiumphones 10.3.0
asterisk open_source 10.6.0
asterisk open_source 10.1.2
asterisk open_source 1.8.4.3
asterisk open_source 1.8.20.0
asterisk open_source 1.8.7.0
asterisk open_source 11.1.0
asterisk open_source 10.0.1
asterisk open_source 10.1.1
asterisk open_source 11.0.2
asterisk open_source 10.10.0
asterisk open_source 1.8.9.1
asterisk open_source 11.2.0
asterisk open_source 11.2.1
asterisk open_source 10.3.0
asterisk open_source 1.8.20.1
asterisk open_source 11.0.0
asterisk certified_asterisk 1.8.15.0
asterisk open_source 11.1.1
asterisk open_source 1.8.14.0
asterisk open_source 10.11.1
asterisk digiumphones 10.12.1
asterisk open_source 1.8.2.3
asterisk open_source 1.8.8.0
asterisk open_source 1.8.12
asterisk open_source 1.8.10.1
asterisk open_source 10.7.1
asterisk open_source 10.1.3
asterisk open_source 1.8.18.0
asterisk open_source 1.8.4
asterisk open_source 1.8.4.1
asterisk open_source 10.8.0
asterisk open_source 1.8.7.2
asterisk open_source 1.8.18.1
asterisk open_source 1.8.3.1
asterisk open_source 10.2.1
asterisk open_source 1.8.2.2
asterisk open_source 1.8.3.2
asterisk open_source 1.8.2.1
asterisk open_source 10.1.0
asterisk digiumphones 10.8.0
asterisk open_source 1.8.5
asterisk open_source 1.8.12.2
asterisk digiumphones 10.12.0
asterisk open_source 10.4.2
asterisk open_source 1.8.7.1
asterisk open_source 1.8.15.1
asterisk open_source 10.4.1
asterisk digiumphones 10.4.0
asterisk open_source 10.5.0
asterisk open_source 1.8.8.1
asterisk digiumphones 10.1.0
asterisk digiumphones 10.11.0
asterisk open_source 1.8.19.1
asterisk open_source 1.8.3
asterisk open_source 1.8.9.3
asterisk open_source 1.8.13.1
asterisk open_source 1.8.9.2
asterisk open_source 10.0.0
asterisk open_source 1.8.3.3
asterisk open_source 1.8.1.2
asterisk open_source 1.8.10.0
asterisk open_source 10.12.0
asterisk open_source 11.0.1
asterisk open_source 10.4.0
asterisk open_source 1.8.1.1
CVE-2017-9358 MEDIUM

A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging in that loop).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-835,

Products Affected

Vendor Product Version
sangoma asterisk 14.2.0
sangoma asterisk 13.2.0
sangoma asterisk 13.0.0
sangoma asterisk 14.3.0
sangoma asterisk 13.13.0
sangoma asterisk 13.15.0
sangoma asterisk 13.8.1
sangoma asterisk 13.12.0
sangoma asterisk 13.8.2
sangoma asterisk 13.11.0
asterisk certified_asterisk 13.13.0
sangoma asterisk 13.5.0
sangoma asterisk 13.7.0
sangoma asterisk 14.2.1
sangoma asterisk 14.0.0
sangoma asterisk 14.1.0
sangoma asterisk 13.9.0
sangoma asterisk 13.12.2
sangoma asterisk 13.12.1
sangoma asterisk 13.14.0
sangoma asterisk 13.1.0
sangoma asterisk 13.3.0
sangoma asterisk 14.4.0
sangoma asterisk 13.8.0
sangoma asterisk 13.4.0
sangoma asterisk 13.6.0
sangoma asterisk 13.10.0
CVE-2020-28242 MEDIUM

An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound authentication must be configured on the endpoint for this to occur.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-674,

Products Affected

Vendor Product Version
fedoraproject fedora 33
debian debian_linux 9.0
sangoma asterisk *
asterisk open_source *
asterisk certified_asterisk *
CVE-2021-37706 HIGH

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. This issue affects all users that use STUN. A malicious actor located within the victim’s network may forge and send a specially crafted UDP (STUN) message that could remotely execute arbitrary code on the victim’s machine. Users are advised to upgrade as soon as possible. There are no known workarounds.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-191,CWE-191,

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 9.0
teluu pjsip *
asterisk certified_asterisk 16.8.0
sangoma asterisk *
asterisk certified_asterisk *
CVE-2021-46837

res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. This is a re-occurrence of the CVE-2019-15297 symptoms but not for exactly the same reason. The crash occurs because there is an append operation relative to the active topology, but this should instead be a replace operation.

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 9.0
debian debian_linux 11.0
digium asterisk *
asterisk certified_asterisk 16.8.0
CVE-2022-21723 MEDIUM

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users that accept SIP multipart. The patch is available as commit in the `master` branch. There are no known workarounds.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 9.0
teluu pjsip *
asterisk certified_asterisk 16.8.0
sangoma asterisk *
CVE-2022-23608 HIGH

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions up to and including 2.11.1 when in a dialog set (or forking) scenario, a hash key shared by multiple UAC dialogs can potentially be prematurely freed when one of the dialogs is destroyed . The issue may cause a dialog set to be registered in the hash table multiple times (with different hash keys) leading to undefined behavior such as dialog list collision which eventually leading to endless loop. A patch is available in commit db3235953baa56d2fb0e276ca510fefca751643f which will be included in the next release. There are no known workarounds for this issue.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,CWE-416,

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 9.0
teluu pjsip *
asterisk certified_asterisk 16.8.0
sangoma asterisk *
asterisk certified_asterisk *
CVE-2024-42365

Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with `write=originate` may change all configuration files in the `/etc/asterisk/` directory. This occurs because they are able to curl remote files and write them to disk, but are also able to append to existing files using the `FILE` function inside the `SET` application. This issue may result in privilege escalation, remote code execution and/or blind server-side request forgery with arbitrary protocol. Asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2 contain a fix for this issue.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 3.1 3.7

Products Affected

Vendor Product Version
asterisk asterisk 21.4.0
asterisk certified_asterisk 18.9
asterisk certified_asterisk 16.8.0
asterisk certified_asterisk 13.13.0
asterisk certified_asterisk 20.7
asterisk asterisk *
asterisk certified_asterisk 16.8