Vulnerabilites related to digium - asterisknow
cve-2011-1147
Vulnerability from cvelistv5
Published
2011-03-15 17:00
Modified
2024-08-06 22:14
Severity ?
EPSS score ?
Summary
Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43702",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43702"
},
{
"name": "46474",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46474"
},
{
"name": "DSA-2225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2225"
},
{
"name": "43429",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43429"
},
{
"name": "FEDORA-2011-2438",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html"
},
{
"name": "ADV-2011-0635",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0635"
},
{
"name": "[oss-security] 20110311 CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/03/11/2"
},
{
"name": "FEDORA-2011-2360",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html"
},
{
"name": "FEDORA-2011-2558",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html"
},
{
"name": "1025101",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025101"
},
{
"name": "[oss-security] 20110311 Re: CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/03/11/8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2011-002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-08-23T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "43702",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43702"
},
{
"name": "46474",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46474"
},
{
"name": "DSA-2225",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2225"
},
{
"name": "43429",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43429"
},
{
"name": "FEDORA-2011-2438",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html"
},
{
"name": "ADV-2011-0635",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0635"
},
{
"name": "[oss-security] 20110311 CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/03/11/2"
},
{
"name": "FEDORA-2011-2360",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html"
},
{
"name": "FEDORA-2011-2558",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html"
},
{
"name": "1025101",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025101"
},
{
"name": "[oss-security] 20110311 Re: CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/03/11/8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2011-002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43702",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43702"
},
{
"name": "46474",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46474"
},
{
"name": "DSA-2225",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2225"
},
{
"name": "43429",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43429"
},
{
"name": "FEDORA-2011-2438",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html"
},
{
"name": "ADV-2011-0635",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0635"
},
{
"name": "[oss-security] 20110311 CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/03/11/2"
},
{
"name": "FEDORA-2011-2360",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html"
},
{
"name": "FEDORA-2011-2558",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html"
},
{
"name": "1025101",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025101"
},
{
"name": "[oss-security] 20110311 Re: CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/03/11/8"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2011-002.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2011-002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1147",
"datePublished": "2011-03-15T17:00:00",
"dateReserved": "2011-03-03T00:00:00",
"dateUpdated": "2024-08-06T22:14:27.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0495
Vulnerability from cvelistv5
Published
2011-01-20 18:00
Modified
2024-08-06 21:58
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary code via crafted caller ID data in vectors involving the (1) SIP channel driver, (2) URIENCODE dialplan function, or (3) AGI dialplan function.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:58:24.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2011-0159",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0159"
},
{
"name": "FEDORA-2011-0794",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053713.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2011-001.html"
},
{
"name": "43373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43373"
},
{
"name": "ADV-2011-0449",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0449"
},
{
"name": "70518",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/70518"
},
{
"name": "45839",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45839"
},
{
"name": "ADV-2011-0281",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0281"
},
{
"name": "FEDORA-2011-0774",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053689.html"
},
{
"name": "DSA-2171",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2171"
},
{
"name": "43119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43119"
},
{
"name": "asterisk-asturiencode-bo(64831)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64831"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2011-001-1.6.2.diff"
},
{
"name": "20110118 AST-2011-001: Stack buffer overflow in SIP channel driver",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/515781/100/0/threaded"
},
{
"name": "42935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42935"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary code via crafted caller ID data in vectors involving the (1) SIP channel driver, (2) URIENCODE dialplan function, or (3) AGI dialplan function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2011-0159",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0159"
},
{
"name": "FEDORA-2011-0794",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053713.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2011-001.html"
},
{
"name": "43373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43373"
},
{
"name": "ADV-2011-0449",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0449"
},
{
"name": "70518",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/70518"
},
{
"name": "45839",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45839"
},
{
"name": "ADV-2011-0281",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0281"
},
{
"name": "FEDORA-2011-0774",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053689.html"
},
{
"name": "DSA-2171",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2171"
},
{
"name": "43119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43119"
},
{
"name": "asterisk-asturiencode-bo(64831)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64831"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2011-001-1.6.2.diff"
},
{
"name": "20110118 AST-2011-001: Stack buffer overflow in SIP channel driver",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/515781/100/0/threaded"
},
{
"name": "42935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42935"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary code via crafted caller ID data in vectors involving the (1) SIP channel driver, (2) URIENCODE dialplan function, or (3) AGI dialplan function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2011-0159",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0159"
},
{
"name": "FEDORA-2011-0794",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053713.html"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2011-001.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2011-001.html"
},
{
"name": "43373",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43373"
},
{
"name": "ADV-2011-0449",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0449"
},
{
"name": "70518",
"refsource": "OSVDB",
"url": "http://osvdb.org/70518"
},
{
"name": "45839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45839"
},
{
"name": "ADV-2011-0281",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0281"
},
{
"name": "FEDORA-2011-0774",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053689.html"
},
{
"name": "DSA-2171",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2171"
},
{
"name": "43119",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43119"
},
{
"name": "asterisk-asturiencode-bo(64831)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64831"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2011-001-1.6.2.diff",
"refsource": "MISC",
"url": "http://downloads.asterisk.org/pub/security/AST-2011-001-1.6.2.diff"
},
{
"name": "20110118 AST-2011-001: Stack buffer overflow in SIP channel driver",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/515781/100/0/threaded"
},
{
"name": "42935",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42935"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-0495",
"datePublished": "2011-01-20T18:00:00",
"dateReserved": "2011-01-19T00:00:00",
"dateUpdated": "2024-08-06T21:58:24.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-3727
Vulnerability from cvelistv5
Published
2009-11-10 18:00
Modified
2024-08-07 06:38
Severity ?
EPSS score ?
Summary
Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/37265 | third-party-advisory, x_refsource_SECUNIA | |
| https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html | vendor-advisory, x_refsource_FEDORA | |
| http://secunia.com/advisories/37479 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/37677 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.debian.org/security/2009/dsa-1952 | vendor-advisory, x_refsource_DEBIAN | |
| https://bugzilla.redhat.com/show_bug.cgi?id=523277 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=533137 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/36924 | vdb-entry, x_refsource_BID | |
| https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.html | vendor-advisory, x_refsource_FEDORA | |
| http://osvdb.org/59697 | vdb-entry, x_refsource_OSVDB | |
| http://downloads.asterisk.org/pub/security/AST-2009-008.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1023133 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:38:30.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37265"
},
{
"name": "FEDORA-2009-11126",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html"
},
{
"name": "37479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37479"
},
{
"name": "37677",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37677"
},
{
"name": "DSA-1952",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1952"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=523277"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533137"
},
{
"name": "36924",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36924"
},
{
"name": "FEDORA-2009-11070",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.html"
},
{
"name": "59697",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/59697"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2009-008.html"
},
{
"name": "1023133",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023133"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-11-19T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "37265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37265"
},
{
"name": "FEDORA-2009-11126",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html"
},
{
"name": "37479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37479"
},
{
"name": "37677",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37677"
},
{
"name": "DSA-1952",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1952"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=523277"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533137"
},
{
"name": "36924",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36924"
},
{
"name": "FEDORA-2009-11070",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.html"
},
{
"name": "59697",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/59697"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2009-008.html"
},
{
"name": "1023133",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023133"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-3727",
"datePublished": "2009-11-10T18:00:00",
"dateReserved": "2009-10-16T00:00:00",
"dateUpdated": "2024-08-07T06:38:30.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2011-01-20 19:00
Modified
2024-11-21 01:24
Severity ?
Summary
Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary code via crafted caller ID data in vectors involving the (1) SIP channel driver, (2) URIENCODE dialplan function, or (3) AGI dialplan function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| digium | asterisk | * | |
| digium | asterisk | * | |
| digium | asterisk | * | |
| digium | asterisk | * | |
| digium | asterisk | * | |
| digium | asterisk | * | |
| digium | asterisk | * | |
| digium | asterisk | * | |
| digium | asterisk | * | |
| digium | asterisknow | 1.5 | |
| fedoraproject | fedora | 13 | |
| fedoraproject | fedora | 14 | |
| debian | debian_linux | 6.0 | |
| digium | s800i_firmware | 1.2.0 | |
| digium | s800i | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:business:*:*:*",
"matchCriteriaId": "FA6C77B1-85FF-47C1-8E1F-CABFF1DEA5FE",
"versionEndExcluding": "c.3.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CF68F51-2011-4CEE-A4EA-49A59E440BAA",
"versionEndIncluding": "1.2.40",
"versionStartIncluding": "1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0CCB255-0F1A-4FBE-A04D-A9560D3DF3BE",
"versionEndExcluding": "1.4.38.1",
"versionStartIncluding": "1.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3CEB89D-1D84-4B8E-B476-E00726752766",
"versionEndExcluding": "1.4.39.1",
"versionStartIncluding": "1.4.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0F92DAC-5736-49A6-9C52-2330BC4B724B",
"versionEndExcluding": "1.6.1.21",
"versionStartIncluding": "1.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71755241-9AF8-43EE-BD9F-9FF4DFD808D4",
"versionEndExcluding": "1.6.2.15.1",
"versionStartIncluding": "1.6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "007C363A-CBC6-4A05-BD3E-74A5A530B281",
"versionEndExcluding": "1.6.2.16.1",
"versionStartIncluding": "1.6.2.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35488043-2E09-4286-A178-4A25AA5C364F",
"versionEndExcluding": "1.8.1.2",
"versionStartIncluding": "1.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AADFA817-D1C7-49D2-AE6D-55493145BAFF",
"versionEndExcluding": "1.8.2.2",
"versionStartIncluding": "1.8.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisknow:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FF81215F-0DD3-48FC-BA1C-19E42FCD47B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D59BD0-43DE-4E58-A057-640AB98359A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*",
"matchCriteriaId": "BDE52846-24EC-4068-B788-EC7F915FFF11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:digium:s800i_firmware:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA18EB6-92D5-4B01-A4BC-2B7177D28C40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:digium:s800i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15C35F93-0E57-4AEB-AA5F-4EDFAE753451",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary code via crafted caller ID data in vectors involving the (1) SIP channel driver, (2) URIENCODE dialplan function, or (3) AGI dialplan function."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n ast_uri_encode, en main/utils.c, en Asterisk Open Source before v.1.4.38.1, v.1.4.39.1, v.1.6.1.21, v.1.6.2.15.1, v.1.6.2.16.1, v.1.8.1.2, v.1.8.2.; y Business Edition before v.C.3.6.2; cuando se ejecuta en modo \"pedantic\" permite a usuarios autenticados ejectuar c\u00f3digo de su elecci\u00f3n manipulados con el dato llamador ID en vectores que involucran el (1) el driver del SIP, (2) la funci\u00f3n URIENCODE dialplan, o la funci\u00f3n AGI dialplan."
}
],
"id": "CVE-2011-0495",
"lastModified": "2024-11-21T01:24:08.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-01-20T19:00:08.600",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2011-001-1.6.2.diff"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2011-001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053689.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053713.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/70518"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42935"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/43119"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/43373"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2011/dsa-2171"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/515781/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/45839"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2011/0159"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2011/0281"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2011/0449"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64831"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2011-001-1.6.2.diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2011-001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053689.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053713.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/70518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/43119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/43373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2011/dsa-2171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/515781/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/45839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2011/0159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2011/0281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2011/0449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64831"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-11-10 18:30
Modified
2024-11-21 01:08
Severity ?
Summary
Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39358795-09A6-44C6-B969-1560CEF40057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "8C2DAB51-91ED-43D4-AEA9-7C4661089BAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "A596A018-2FBC-4CEB-9910-756CC6598679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14BDCF8E-0B68-430A-A463-EE40C1A9AD65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CA2CD93E-71A5-49EC-B986-5868C05553EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B66B213-4397-4435-8E48-8ED69AAE13D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55131A3D-C892-44EC-83D6-5888C57B11A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.2:netsec:*:*:*:*:*:*",
"matchCriteriaId": "E017DD53-B8EC-4EA2-BF59-18C075C5771D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B940EEC6-4451-42B9-A56D-BDB8801B3685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.3:netsec:*:*:*:*:*:*",
"matchCriteriaId": "CE4AB19F-1338-466D-AAD8-584C79FED1AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "175954A5-E712-41B8-BC11-4F999343063D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.10:netsec:*:*:*:*:*:*",
"matchCriteriaId": "FF5A2AA3-BB1F-4DEA-A369-183877BBDAC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF9E41E-8FE6-4396-A5D4-D4568600FE03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.11:netsec:*:*:*:*:*:*",
"matchCriteriaId": "7B43C508-91E3-49C9-86F0-3643D8F2B7F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4457486F-E9B4-46B8-A05D-3B32F8B639A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.12:netsec:*:*:*:*:*:*",
"matchCriteriaId": "0831E658-36AB-4A4B-9929-3DB6BE855A3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69417F54-D92F-46FB-9BFA-995211279C0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.12.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "46A770C7-A7D4-44E3-A8B4-AC2189EAC3DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "4611BEA0-25EC-4705-A390-6DF678373FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.13:netsec:*:*:*:*:*:*",
"matchCriteriaId": "4BCD1F97-4B56-4DA8-A6EC-FA42A3CB9B97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "53022458-F443-4402-AC52-FC3AE810E89E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "120B85AA-E9B8-4A4D-81CE-FD36CDB63074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.15:netsec:*:*:*:*:*:*",
"matchCriteriaId": "64D94742-7CA1-487B-90E8-5063FBF88925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "12302460-5D3F-4045-9DBF-606562E03BDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.16:netsec:*:*:*:*:*:*",
"matchCriteriaId": "78546FDF-C843-4E48-ABEE-CC3514AA7C3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6EBC0B-9842-44D1-B9D6-EFB88BE22879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.17:netsec:*:*:*:*:*:*",
"matchCriteriaId": "052969F1-6758-46E8-9273-E0F872BD65BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "624A0F00-4629-4550-847F-F24CC93DFF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.18:netsec:*:*:*:*:*:*",
"matchCriteriaId": "E473F645-F8B0-43FE-957B-F053427465DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "10FC9AAB-1FAD-4953-A2FC-D42E9687D27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.19:netsec:*:*:*:*:*:*",
"matchCriteriaId": "460C9907-AA19-402A-85DE-D3CEA98B107B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "CD80F0D6-6B5B-41D3-AC41-F1643865088A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.20:netsec:*:*:*:*:*:*",
"matchCriteriaId": "734D5198-53C1-40D3-B5BF-D74FC71FD3BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "788DEF5E-8A99-463D-89DC-0CC032271554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.21:netsec:*:*:*:*:*:*",
"matchCriteriaId": "C0996D7A-9419-4897-A0AF-498AC3A2A81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "62D670E6-47E5-4B40-9217-F97D5F39C3EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.21.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "94C23DB8-3C92-40FE-B8A6-ADF84D28510E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "A6CE7E4E-DA2D-4F03-A226-92965B40AE34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.22:netsec:*:*:*:*:*:*",
"matchCriteriaId": "0C59A947-457E-47EB-832E-3DA70CB52695",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "55F74B56-B412-4AF1-AED0-C948AB6DC829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.23:netsec:*:*:*:*:*:*",
"matchCriteriaId": "3B50ADDB-D3C2-407D-8844-F93866E5F20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2775A7CC-2D88-4F2D-8C26-1E0DDDD681E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.24:netsec:*:*:*:*:*:*",
"matchCriteriaId": "F4149B59-E773-4ED8-A71D-EB7D00808819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "5A0408C3-0FA7-4A17-9451-C4D46CDA8F27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.25:netsec:*:*:*:*:*:*",
"matchCriteriaId": "1726090D-0C37-44A4-AD9B-7ED733B8702D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "B92B045B-8CD6-4C04-9CCB-DCE9A44F6C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.26:netsec:*:*:*:*:*:*",
"matchCriteriaId": "54354E16-3238-43E8-BAA9-93CA7EB44D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6867EED4-FC3B-4B72-88A5-DED96C729FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.26.1:netsec:*:*:*:*:*:*",
"matchCriteriaId": "1A0867FC-7161-433F-A416-D7207C8D4D36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97BE6B60-3276-4580-843B-743D0D71E3DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.26.2:netsec:*:*:*:*:*:*",
"matchCriteriaId": "36491B32-A405-4C5B-938F-9BEA50A8AF16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6141909B-EBC4-4726-AE9F-669C31257A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "754A51AC-EF20-4736-ADDB-D2A70BCB79EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.28.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4600BB66-6DEB-444B-AF9E-BDD06CFD2876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.29:*:*:*:*:*:*:*",
"matchCriteriaId": "EE089E31-3521-4D12-B81C-B6E386AE1409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE86E95-1110-46DF-9A7A-0E1AA56ACE4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.30.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6DF5C5-85B4-4595-A69B-1DE70B5E0E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.30.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5E9888-16CD-4DB2-8889-CE4477559C71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.30.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C29C9A2C-6435-444E-A20B-5881F3798B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.30.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E77A2569-CFAE-498D-A633-803849CFECE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "D16E88E6-42D0-400E-AF43-111B35CE11E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.31.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE15A42E-030B-48F0-9498-1755DAAEDFB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "39511726-1202-4179-9708-4D3B28496768",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9A4328-F274-4591-A386-943FD6608374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "1B4A8C9A-A475-4F02-A6BC-F17CEECBF0AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E56DB29-571D-4615-B347-38CF4590E463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "FC1188DA-6C27-48D2-9CE7-74D77B24EE9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "A93B8F91-5C56-44DE-AE29-8468E853759F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BF7F4D02-7C8E-403C-A53E-A5F8C07F33A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "D85031A3-3444-4650-905D-721F1EBAA24F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F0AC2B3-6E8A-4B26-8A6C-792D9E5072C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC8D6D4-A389-4A78-8DA8-351A9CB896E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E979AC4-58EA-4297-9F90-350924BBE440",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3A58CCD3-4A0C-468B-85F2-59A52B7293A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3542DB91-8487-49D6-AA15-E8FD9D6B99D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA4F3F1-C3F1-4E15-A854-9BB84E33E4AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "661D710E-79F0-4E98-B35B-ED0549D35C24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68291ADE-F9D1-427B-B150-FDA7F2F4788B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7F80CBCB-F58D-4BE7-8E78-67E04C900D01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EB61D32E-3400-480E-BD27-BA3F98F94427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D9154EDB-CAE6-4BB0-8D02-9EC2B81D93C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A432B0A7-F158-4B9C-97F6-6A29DB13EAFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "687C67CB-46AF-40C2-8A02-081C7F78568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6E8D6EC0-A61E-4DBC-A0C7-864E9C4BDA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF7F65A-45FD-4586-901E-49B057100BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "300F158E-ED27-46C8-85E4-AA0AA6B201DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "FB6F04C0-3226-4D2C-97A3-39999483C62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "30685A20-963A-48D4-B7D7-2C11C2C812AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C54C3AAC-4D5D-4661-86AB-6849982E8C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F847916-89F1-4AA6-973D-6002C8B54EE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5359815E-671A-4DFD-9E99-8CF903A03C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFBC9E-4DCA-43CB-93EB-6807E2383A98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "98755B1B-CAD5-4AC5-8571-52E67C3A8274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D8C8FE-3D09-4F60-AD03-9D4439942141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "902FBE4B-5237-43CD-8EB6-D2CAC0F30879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "708DCACA-49EC-468D-81EC-CE5367F8A164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BA9E3314-7D23-414C-8187-16D807410B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "D824ED7B-BAB6-4C0F-A6B0-A75AB072EC0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7A01CE63-F834-48B2-826D-2DAD1B4AE8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19.2:*:*:*:*:*:*:*",
"matchCriteriaId": "88B9CC9D-3DC2-4674-BA52-4C6D4E2056C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "43F1849F-1230-45E7-B6A3-D6FC72EB0F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "873C9C7E-93A3-4269-B19C-AB33A21C1AC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "457F2112-7C5E-4953-8F4C-117925D486DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BD15ADD6-D7FA-441A-A9BC-487BCC15F2A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "792A8901-B7B8-40E8-9258-6338B72770FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "0E6C8F78-0C00-45A5-8FEB-2A4BD5AC1A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F3E04247-C4EF-4C1B-B879-5C02986950D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5E382FC8-4001-4058-9151-05AE98B4A35E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11FECE6B-B6A6-4DDA-9019-9A10B05EC1F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9813D27-0688-4989-99EB-1DC0F82D59F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "D4333904-9D21-4149-965F-F49F0A34BD85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F7180626-F0FD-46F3-AD52-5C67525C4B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "85A1E3A3-C157-4F3D-9477-F63771E7F627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22:rc3:*:*:*:*:*:*",
"matchCriteriaId": "FEE739CC-7A9C-489E-BFC0-6257129C043D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22:rc4:*:*:*:*:*:*",
"matchCriteriaId": "ADC0E947-A95A-44ED-8DED-CC769FF00569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22:rc5:*:*:*:*:*:*",
"matchCriteriaId": "DE52BD9F-3728-455C-BC45-1A4DB926FFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF82D41-9222-42D3-ADAD-94B4F950C63F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE9F181-A8E4-4700-A30F-211CDE251606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "5B10AE4B-EC2D-4D5B-B842-50F5097A0650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "83E854D0-17A2-473B-B7E8-41E6447C81DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23:rc2:*:*:*:*:*:*",
"matchCriteriaId": "47169133-3854-4D8F-B79E-3CC77A166EF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6071601F-CF37-4E66-9D6D-AFC3434C18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2A575824-E005-4820-824A-4875594619E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "080C7089-5662-4A94-9842-C4A26095DA4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7AE38697-0B16-4032-9234-CA263E4A9885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB18BE2-B073-429C-ABE7-B8305793DAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.24:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FA7216BA-A42F-4ED8-8086-B4FA483FDAB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.24.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7D2048-CD61-46C0-830B-11976B275783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "8DBA63FE-62AF-4F3D-B30C-550D17C4E35F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.25:rc1:*:*:*:*:*:*",
"matchCriteriaId": "AD0A0F19-020D-4578-9023-12B0CB646D9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.25.1:*:*:*:*:*:*:*",
"matchCriteriaId": "96D5A1E3-FF0B-4C71-AA51-655D7106880D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D425E6-E2E5-4452-9EAA-2697C1155784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9855FA26-0930-4AC9-A920-B394F6916349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:rc2:*:*:*:*:*:*",
"matchCriteriaId": "BBA21246-7DF4-41BC-998A-05D38FC97C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:rc3:*:*:*:*:*:*",
"matchCriteriaId": "EE9A7984-22C9-4296-8E44-C010E67F193D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:rc4:*:*:*:*:*:*",
"matchCriteriaId": "51B2C42A-C252-4BD8-A908-8F30C2BF15E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:rc5:*:*:*:*:*:*",
"matchCriteriaId": "2137CEAD-0F19-43C5-A26D-1972564FCD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:rc6:*:*:*:*:*:*",
"matchCriteriaId": "B7552466-B782-4F16-8561-A2A51E94FED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F8C82D-3031-4C62-89FA-3BF56EA29727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3074CEA-46BD-4CAD-BF5C-10008A80E434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8374B5D-DE7A-4C3C-A5FE-579B17006A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "C7494CE2-D3CC-404D-BE61-09A2E1FB3E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "06E48482-D9AF-4038-80DA-27D9B4907C0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "9BC3C441-290F-471A-BA19-6B1C4D72A670",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "632ED295-B67D-43CF-BF38-CCE04088BA08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "50F3835F-6F2B-4EA7-B111-3B3C26548BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "0DCF7BD2-7903-4DC5-ADDC-EFCDC58736C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "E5BECFE0-286F-4DA1-8CA9-6CEE861C3012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:beta7.1:*:*:*:*:*:*",
"matchCriteriaId": "AFFF3245-2D0F-46E3-A1D6-319086489DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "C91F2524-99D1-4C4B-9A31-21C0FB8B4D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:beta9:*:*:*:*:*:*",
"matchCriteriaId": "7B1BC0FF-9DB6-4FCC-A845-053943CF0D24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "419D4D16-E790-4872-B9AF-1320978768C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "73D30BA6-1EE0-4C3F-8F69-65C698A1B9A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "D39FA25D-AB56-470D-94AB-14446DB7D475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4225252F-5960-4A42-A575-00C125860E89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A65D76A8-BBDD-4BDE-B789-D745C400DCBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8B0F5A5-4252-4A9C-B830-2419E87AE5A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F9085056-3BE9-4309-9601-9CA0569BC215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D8432455-9064-479F-B060-BF2A74ECC3EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8EF2D7-371B-4268-989E-25225CC1F7B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "ABAC4CE9-1CFA-4279-B0CE-18F3C6FB9AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E16E37A0-F739-4EEE-A1BB-EBC558C62767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0E2562-D0FC-404C-B725-617AEEF20AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C831EC2A-C99D-4FB1-8E5C-2FF685792F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F37C4158-6C4E-448D-929B-288480748289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBA9D27-E3DC-45CE-B56B-2C6781AA6A16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14CD1CCD-DFF2-4813-B56F-EA1C78AA818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4499411B-C92E-47F3-A6F2-8C9011B1CBCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "57325096-F4D8-4146-A6FD-93219F2C72D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9684FD88-7422-4272-B9BC-D8638B1AA0B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "648639A2-26C4-4EDA-A982-25D400836696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9F6FF8-8B88-4A02-B23A-0CADA8CE316E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "37DE011D-1C1B-46AC-9265-F82693CE3C9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.0.16:rc2:*:*:*:*:*:*",
"matchCriteriaId": "790BF14A-0193-4A5C-802B-D82200B22342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FE4BCF-9AE7-4F41-BA84-E9537CC1EBE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F25B0D15-7C09-4BBB-AC84-A1898F448DB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F259057F-3720-45D8-91B4-70A11B759794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A106C460-4CE2-4AC3-B2FD-310F05507511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "3E119FF9-2AD3-450D-8BBF-C6DD063246EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "759221D5-FC37-446D-9628-233B8D0B9120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F82D4812-0429-42D4-BD27-C76CB9E7C368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F8FE11D6-8C0A-450E-B6DA-3AFE04D82232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1FBCC8-4637-4A67-BFFD-C052C3C03C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F7307E10-9FA5-4940-B837-7936384F61DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3D0DC9D6-D4D6-46CB-98DA-F4FC1835B6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DBBD0747-F3FF-46D8-A3C4-8268E37BC5AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3F759F27-008E-47FB-AC0A-EF11DA19918E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "D15C82BA-BD1F-4A19-A907-E6C30042F537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2E802481-C8BD-4218-8CDC-5DB112DA946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0004AADE-1652-4242-A97D-E9818FE03CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "543E9C91-60FE-43AE-9B94-08DD730BA814",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:digium:asterisknow:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FF81215F-0DD3-48FC-BA1C-19E42FCD47B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:digium:s800i:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "565444DE-F67C-4B6E-AC1E-92FC0D8A87CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:digium:s800i:1.3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "80E356B2-4AEA-4532-A6F8-13B814BEB2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:digium:s800i:1.3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "60F261AB-3172-4245-8090-744294A0D08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:digium:s800i:1.3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DD6B08-D77D-4275-8F91-2CA47FF6E363",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:digium:asterisk:a:-:business:*:*:*:*:*",
"matchCriteriaId": "B1868709-03F9-47AA-A196-367D783C62BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b:-:business:*:*:*:*:*",
"matchCriteriaId": "564A4529-997D-4615-BED8-AE3FB159689A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.1.3.2:-:business:*:*:*:*:*",
"matchCriteriaId": "FE9D66C4-F49D-4EC4-B5A9-24F28726A9B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.1.3.3:-:business:*:*:*:*:*",
"matchCriteriaId": "BEFA5054-D5F9-4D07-9A66-D7AAD6953F5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.2.2.0:-:business:*:*:*:*:*",
"matchCriteriaId": "D110DCEB-F2F9-4600-B49F-22952C71B785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.2.2.1:-:business:*:*:*:*:*",
"matchCriteriaId": "3333A119-D92F-433C-BF5D-0037199256C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.2.3.1:-:business:*:*:*:*:*",
"matchCriteriaId": "19C44C33-EADA-48FD-A634-8066A003AFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.2.3.2:-:business:*:*:*:*:*",
"matchCriteriaId": "294A2BA2-26EB-40AD-B861-7FA9043CD097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.2.3.3:-:business:*:*:*:*:*",
"matchCriteriaId": "4FAC61AF-BDF2-4397-A8F8-9D9155836E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.2.3.4:-:business:*:*:*:*:*",
"matchCriteriaId": "33DE61C2-8C6A-4CD3-8D56-E70C4356CD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.2.3.5:-:business:*:*:*:*:*",
"matchCriteriaId": "EECB5F75-BCE2-4777-933E-25EB5657750C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.2.3.6:-:business:*:*:*:*:*",
"matchCriteriaId": "B5D51557-3E67-4C9A-9753-472D13FCA5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.2.5.0:-:business:*:*:*:*:*",
"matchCriteriaId": "C063FCFA-B1C3-4ACB-B9E7-B3FC973FD898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.2.5.1:-:business:*:*:*:*:*",
"matchCriteriaId": "761DB3A3-1540-4976-AEB2-F8E45CCCC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.2.5.2:-:business:*:*:*:*:*",
"matchCriteriaId": "B53CD2C1-9BF0-42F9-B3E3-2C9915E531C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:b.2.5.3:-:business:*:*:*:*:*",
"matchCriteriaId": "947F58B8-21AF-460B-8203-D2605A1F91D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c:-:business:*:*:*:*:*",
"matchCriteriaId": "7CD989BE-8FA0-4EDB-8442-C2E12BD01D27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.2.3:-:business:*:*:*:*:*",
"matchCriteriaId": "3FA908BA-BEF8-44A5-AC95-E7CF020D0C94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.3.0:-:business:*:*:*:*:*",
"matchCriteriaId": "78E8936C-033B-49E6-BB39-D5BBBC80EB55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header."
},
{
"lang": "es",
"value": "Asterisk Open Source versi\u00f3n 1.2.x anterior a 1.2.35, versi\u00f3n 1.4.x anterior a 1.4.26.3, versi\u00f3n 1.6.0.x anterior a 1.6.0.17 y versi\u00f3n 1.6.1.x anterior a 1.6.1.9; Business Edition versi\u00f3n A.x.x, versi\u00f3n B.x.x anteriores a B.2.5.12, versi\u00f3n C.2.x.x anterior a C.2.4.5 y versi\u00f3n C.3.x.x anterior a C.3.2.2; AsteriskNOW versi\u00f3n 1.5; y s800i versi\u00f3n 1.3.x anterior a 1.3.0.5, causan diferentes mensajes de error dependiendo de si un nombre de usuario SIP sea v\u00e1lido, lo que permite a los atacantes remotos enumerar nombres de usuario v\u00e1lidos mediante m\u00faltiples mensajes de REGISTER creados con nombres de usuario inconsistentes en el URI en el encabezado To y el Digest en el encabezado Authorization."
}
],
"id": "CVE-2009-3727",
"lastModified": "2024-11-21T01:08:03.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-11-10T18:30:00.250",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2009-008.html"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/59697"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37265"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/37479"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/37677"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2009/dsa-1952"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/36924"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1023133"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=523277"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533137"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2009-008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/59697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/36924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=523277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=533137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-15 17:55
Modified
2024-11-21 01:25
Severity ?
Summary
Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E56DB29-571D-4615-B347-38CF4590E463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "FC1188DA-6C27-48D2-9CE7-74D77B24EE9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "A93B8F91-5C56-44DE-AE29-8468E853759F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BF7F4D02-7C8E-403C-A53E-A5F8C07F33A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "D85031A3-3444-4650-905D-721F1EBAA24F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F0AC2B3-6E8A-4B26-8A6C-792D9E5072C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC8D6D4-A389-4A78-8DA8-351A9CB896E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E979AC4-58EA-4297-9F90-350924BBE440",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D9154EDB-CAE6-4BB0-8D02-9EC2B81D93C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A432B0A7-F158-4B9C-97F6-6A29DB13EAFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "687C67CB-46AF-40C2-8A02-081C7F78568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6E8D6EC0-A61E-4DBC-A0C7-864E9C4BDA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF7F65A-45FD-4586-901E-49B057100BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "300F158E-ED27-46C8-85E4-AA0AA6B201DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "FB6F04C0-3226-4D2C-97A3-39999483C62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "30685A20-963A-48D4-B7D7-2C11C2C812AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C54C3AAC-4D5D-4661-86AB-6849982E8C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F847916-89F1-4AA6-973D-6002C8B54EE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5359815E-671A-4DFD-9E99-8CF903A03C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFBC9E-4DCA-43CB-93EB-6807E2383A98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "98755B1B-CAD5-4AC5-8571-52E67C3A8274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "C9D8C8FE-3D09-4F60-AD03-9D4439942141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "902FBE4B-5237-43CD-8EB6-D2CAC0F30879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "708DCACA-49EC-468D-81EC-CE5367F8A164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BA9E3314-7D23-414C-8187-16D807410B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "D824ED7B-BAB6-4C0F-A6B0-A75AB072EC0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7A01CE63-F834-48B2-826D-2DAD1B4AE8C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.19.2:*:*:*:*:*:*:*",
"matchCriteriaId": "88B9CC9D-3DC2-4674-BA52-4C6D4E2056C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "43F1849F-1230-45E7-B6A3-D6FC72EB0F11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "873C9C7E-93A3-4269-B19C-AB33A21C1AC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "457F2112-7C5E-4953-8F4C-117925D486DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.20:rc3:*:*:*:*:*:*",
"matchCriteriaId": "BD15ADD6-D7FA-441A-A9BC-487BCC15F2A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "792A8901-B7B8-40E8-9258-6338B72770FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "0E6C8F78-0C00-45A5-8FEB-2A4BD5AC1A37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.21:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F3E04247-C4EF-4C1B-B879-5C02986950D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.21:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5E382FC8-4001-4058-9151-05AE98B4A35E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11FECE6B-B6A6-4DDA-9019-9A10B05EC1F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9813D27-0688-4989-99EB-1DC0F82D59F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "D4333904-9D21-4149-965F-F49F0A34BD85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F7180626-F0FD-46F3-AD52-5C67525C4B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22:rc2:*:*:*:*:*:*",
"matchCriteriaId": "85A1E3A3-C157-4F3D-9477-F63771E7F627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22:rc3:*:*:*:*:*:*",
"matchCriteriaId": "FEE739CC-7A9C-489E-BFC0-6257129C043D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22:rc4:*:*:*:*:*:*",
"matchCriteriaId": "ADC0E947-A95A-44ED-8DED-CC769FF00569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22:rc5:*:*:*:*:*:*",
"matchCriteriaId": "DE52BD9F-3728-455C-BC45-1A4DB926FFE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF82D41-9222-42D3-ADAD-94B4F950C63F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE9F181-A8E4-4700-A30F-211CDE251606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "5B10AE4B-EC2D-4D5B-B842-50F5097A0650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23:rc1:*:*:*:*:*:*",
"matchCriteriaId": "83E854D0-17A2-473B-B7E8-41E6447C81DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23:rc2:*:*:*:*:*:*",
"matchCriteriaId": "47169133-3854-4D8F-B79E-3CC77A166EF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6071601F-CF37-4E66-9D6D-AFC3434C18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2A575824-E005-4820-824A-4875594619E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "080C7089-5662-4A94-9842-C4A26095DA4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.23.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7AE38697-0B16-4032-9234-CA263E4A9885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "DCB18BE2-B073-429C-ABE7-B8305793DAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.24:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FA7216BA-A42F-4ED8-8086-B4FA483FDAB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.24.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7D2048-CD61-46C0-830B-11976B275783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "8DBA63FE-62AF-4F3D-B30C-550D17C4E35F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.25:rc1:*:*:*:*:*:*",
"matchCriteriaId": "AD0A0F19-020D-4578-9023-12B0CB646D9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.25.1:*:*:*:*:*:*:*",
"matchCriteriaId": "96D5A1E3-FF0B-4C71-AA51-655D7106880D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D425E6-E2E5-4452-9EAA-2697C1155784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9855FA26-0930-4AC9-A920-B394F6916349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:rc2:*:*:*:*:*:*",
"matchCriteriaId": "BBA21246-7DF4-41BC-998A-05D38FC97C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:rc3:*:*:*:*:*:*",
"matchCriteriaId": "EE9A7984-22C9-4296-8E44-C010E67F193D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:rc4:*:*:*:*:*:*",
"matchCriteriaId": "51B2C42A-C252-4BD8-A908-8F30C2BF15E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:rc5:*:*:*:*:*:*",
"matchCriteriaId": "2137CEAD-0F19-43C5-A26D-1972564FCD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26:rc6:*:*:*:*:*:*",
"matchCriteriaId": "B7552466-B782-4F16-8561-A2A51E94FED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F8C82D-3031-4C62-89FA-3BF56EA29727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3074CEA-46BD-4CAD-BF5C-10008A80E434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.26.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6AB8988-FCC6-407A-A7D9-2F7A3A7488B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "E06848DE-6EE1-4FD0-A14F-39D41B2F3E75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.27:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CF342950-FDD7-41A9-94D5-EDF41130B61E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.27:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6E4543AA-3D54-4444-AD1F-381A87A89DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.27:rc3:*:*:*:*:*:*",
"matchCriteriaId": "AF3036DD-261C-4975-A01E-92CD29479588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.27:rc4:*:*:*:*:*:*",
"matchCriteriaId": "EF07C116-27DC-4875-9DCF-049E2A8EAEA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.27:rc5:*:*:*:*:*:*",
"matchCriteriaId": "88FBC328-538A-4484-A342-1688D9669B9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.27.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF2301E-F6EF-4D28-82EE-FA1AB8CA9E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A53F637C-846A-43FC-BA71-C8571648FA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.28:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E61070F4-1B6B-4814-918E-459DE5119A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.29:*:*:*:*:*:*:*",
"matchCriteriaId": "70664E0F-09CF-42C2-A7A7-E635D022E90D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.29:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D1E13E1A-C2D4-4E5A-84C8-E6AF061D67C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.29.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E811134-B657-4C50-9AEF-A7F68CA5577A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.30:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4CD101-F079-4940-AA79-886B69A7A514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.30:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B7B828E9-5BE3-4E6F-8048-F2B1F2E929CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.30:rc3:*:*:*:*:*:*",
"matchCriteriaId": "75BB2066-74A6-4F89-B54C-35F234DC1F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FE522334-BF53-4E34-949B-CD928B59A341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.31:rc1:*:*:*:*:*:*",
"matchCriteriaId": "648DEC0E-3CBC-4EA2-AF27-2C518B0762CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.31:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B50F4BAE-D00D-4352-B52B-BE1A9FFB6949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E7A35508-8235-4915-8810-12B2630C82C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.32:rc1:*:*:*:*:*:*",
"matchCriteriaId": "63DD4EE5-6F56-41C7-9CB4-16ADF4F63B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.33:*:*:*:*:*:*:*",
"matchCriteriaId": "2347E451-2F89-4EA6-A6E0-22BCB0C8A56E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.33:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A86F5360-6FE4-4EA2-9208-076E78C842A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.33:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3CDFA85B-17A4-4ECC-9922-F5546917B4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.33.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D7D7DB7-32A7-490E-AED2-C404D371E7C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.34:*:*:*:*:*:*:*",
"matchCriteriaId": "A03632BC-CA0F-42BD-8839-A72DB146A4A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.34:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9DC4EF64-6A1D-47CB-AC07-48CABB612DCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.34:rc2:*:*:*:*:*:*",
"matchCriteriaId": "68C00FEF-7850-48F4-8122-4211D080B508",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.35:*:*:*:*:*:*:*",
"matchCriteriaId": "D3A48F07-42E1-47E9-94EA-44D20A0BAC3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.35:rc1:*:*:*:*:*:*",
"matchCriteriaId": "87D16470-5892-4289-BB35-B69100BCA31E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.36:*:*:*:*:*:*:*",
"matchCriteriaId": "15E71BD7-83D1-4E2B-AD40-BB6B53056C89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.36:rc1:*:*:*:*:*:*",
"matchCriteriaId": "87FDE2E2-5F08-43EF-BBD8-7DCCC0C98870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.37:*:*:*:*:*:*:*",
"matchCriteriaId": "347E9D8C-A372-41F2-AB48-FFCAB454C9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.37:rc1:*:*:*:*:*:*",
"matchCriteriaId": "74F67E57-1DD0-4850-8D7E-7A9748BD106C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.38:*:*:*:*:*:*:*",
"matchCriteriaId": "B208C056-B567-4BEE-A9B7-AEB394341D5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.38:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0C3A2D4-07A9-4D28-AC18-03523E9FF34A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.39:*:*:*:*:*:*:*",
"matchCriteriaId": "E6516E0F-9F60-4D20-88D3-B9CD8DC93062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.39:rc1:*:*:*:*:*:*",
"matchCriteriaId": "22147B91-45A4-4834-AC8D-2DC17A706BEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.4.39.1:*:*:*:*:*:*:*",
"matchCriteriaId": "677C10DE-46D8-4EF1-BF22-63F3AE37CBC2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8B700A-FACB-4BC8-9DF2-972DC63D852B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "FFD31B9B-2F43-4637-BE56-47A807384BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E6450D6B-C907-49E6-9788-E4029C09285F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "DDB0432E-024A-4C0C-87FF-448E513D2834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "D6A6A343-FEA2-49E5-9858-455AE3B29470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "D57B94E3-EA37-466C-ADC4-5180D4502FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.0:rc7:*:*:*:*:*:*",
"matchCriteriaId": "64D35A89-6B21-4770-AA0F-424C5C91A254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.0:rc8:*:*:*:*:*:*",
"matchCriteriaId": "14817302-A34A-4980-B148-AEB4B3B49BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61FDFA96-E62A-413B-9846-F51F1F7349EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "DA924386-49F6-4371-B975-B1473EEA12F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B74A1B99-8901-4690-B994-1DAD3EFA5ABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4253C7DD-3588-4B35-B96D-C027133BE93F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "24AE11DB-16D3-42BF-BC64-E8982107D35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "53841D77-926C-4362-BC85-BD8B6AC4391D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F98FD6E6-EDE9-437D-B7C2-2DB65B73D230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4BA6CA77-D358-4623-8400-78EFC47ADB7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.6:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B4E62DAB-45E0-4EAA-8E45-6D3757A679D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1355578C-B384-401A-9123-2789CBECAD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "3491F8DB-A162-4608-B5F9-5401FE058CEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C52730A8-D96E-46C1-8905-1D78A93E9C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.2.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E5CD17-B14A-4BDB-BA75-261344FF6F25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6344E43-E8AA-4340-B3A7-72F5D6A5D184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "4C170C1C-909D-4439-91B5-DB1A9CD150C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "EE821BE5-B1D3-4854-A700-3A83E5F15724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "149C57CA-0B4B-4220-87FC-432418D1C393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "035595D5-BBEC-4D85-AD7A-A2C932D2BA70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "6DAF5655-F09F-47F8-AFA6-4B95F77A57F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F8E001D8-0A7B-4FDD-88E3-E124ED32B81C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9D5CFFBD-785F-4417-A54A-F3565FD6E736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "D30EF999-92D1-4B19-8E32-1E4B35DE4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "A67D156B-9C43-444F-ADEC-B21D99D1433C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "893EB152-6444-43DB-8714-9735354C873A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F8447EE7-A834-41D7-9204-07BD3752870C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C04F2C9-5672-42F2-B664-A3EE4C954C29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33465668-4C91-4619-960A-D26D77853E53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD08674-0B44-44EA-940B-6812E2D5077D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE87710-A129-43AA-BA08-8001848975FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8F582C6E-5DA0-4D72-A40E-66BDBC5CF2B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2E7CEBB8-01B3-4A05-AFE8-37A143C9833E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:digium:asterisk:c.1.0:beta7:business:*:*:*:*:*",
"matchCriteriaId": "1C4E15BB-71AB-4936-9CA7-E844572A3953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.1.0:beta8:business:*:*:*:*:*",
"matchCriteriaId": "EE5823E1-5BFF-44E0-B8DD-4D994073DC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.1.6:-:business:*:*:*:*:*",
"matchCriteriaId": "E6C147EF-0C39-4979-A4F6-C0BE288F083F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.1.6.1:-:business:*:*:*:*:*",
"matchCriteriaId": "0C1A8352-DE70-4D4E-BC4D-8EABE5431646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.1.6.2:-:business:*:*:*:*:*",
"matchCriteriaId": "615D7356-E9DD-4149-B1BE-D3C3475A8841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.1.8.0:-:business:*:*:*:*:*",
"matchCriteriaId": "0628E34F-1A60-416D-A29C-EA28E8CC2430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.1.8.1:-:business:*:*:*:*:*",
"matchCriteriaId": "5F54511A-A2A9-4038-9D7D-2283A6709DB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.2.3:-:business:*:*:*:*:*",
"matchCriteriaId": "3FA908BA-BEF8-44A5-AC95-E7CF020D0C94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.3.0:-:business:*:*:*:*:*",
"matchCriteriaId": "78E8936C-033B-49E6-BB39-D5BBBC80EB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.3.1.0:-:business:*:*:*:*:*",
"matchCriteriaId": "5D05D04F-CD6C-4A73-885C-306D7A5CC7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.3.1.1:-:business:*:*:*:*:*",
"matchCriteriaId": "3805B5F3-A4CD-469F-9F8A-A271A79A2B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.3.2.2:-:business:*:*:*:*:*",
"matchCriteriaId": "9FAEBE5E-378A-40DC-B2B9-31F6D1305BCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.3.2.3:-:business:*:*:*:*:*",
"matchCriteriaId": "617B3FE8-39E3-41C0-9348-9507DA43DE93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.3.3.2:-:business:*:*:*:*:*",
"matchCriteriaId": "04AB4C82-71BB-49B7-B4F3-4E75EFB5F1A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:c.3.6.2:-:business:*:*:*:*:*",
"matchCriteriaId": "78B55176-E269-411B-974A-B5D2CE8E08C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:digium:asterisknow:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FF81215F-0DD3-48FC-BA1C-19E42FCD47B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:digium:s800i:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E063F5CE-AAF1-4FB0-9D75-E26F30B85409",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FE4BCF-9AE7-4F41-BA84-E9537CC1EBE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F25B0D15-7C09-4BBB-AC84-A1898F448DB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F259057F-3720-45D8-91B4-70A11B759794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "A106C460-4CE2-4AC3-B2FD-310F05507511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "3E119FF9-2AD3-450D-8BBF-C6DD063246EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "759221D5-FC37-446D-9628-233B8D0B9120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F82D4812-0429-42D4-BD27-C76CB9E7C368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F8FE11D6-8C0A-450E-B6DA-3AFE04D82232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1FBCC8-4637-4A67-BFFD-C052C3C03C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F7307E10-9FA5-4940-B837-7936384F61DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3D0DC9D6-D4D6-46CB-98DA-F4FC1835B6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DBBD0747-F3FF-46D8-A3C4-8268E37BC5AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3F759F27-008E-47FB-AC0A-EF11DA19918E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "D15C82BA-BD1F-4A19-A907-E6C30042F537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2E802481-C8BD-4218-8CDC-5DB112DA946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FC8A53-E3C0-4660-BE75-2B5B8B4F8160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "93C020CD-D0EA-4B3E-B33C-F900B08B28FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0004AADE-1652-4242-A97D-E9818FE03CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "543E9C91-60FE-43AE-9B94-08DD730BA814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.10:rc3:*:*:*:*:*:*",
"matchCriteriaId": "252849FA-F46E-4F5A-A488-AA53574CA884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB89B4F-9546-4DF0-B69F-1B9F289BB1E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "2E254415-1D59-4A77-80FB-AE3EF10FBB32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "DF2407D0-C324-45C4-9FBB-4294F747DBDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "F23A36CC-9AA2-4559-946D-6D0621664342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "89C40652-E180-416A-B88A-E6313530E98A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C2C5D-A573-4036-A600-BE28A3E417B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.15:rc2:*:*:*:*:*:*",
"matchCriteriaId": "EE162390-359F-4C5D-902B-275FB1FC3EF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "4A0A3750-0D34-4FB5-B897-17CA0D0B7CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D11BE58D-5B7E-4BB5-988A-7FC2E4B92C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "22631AE6-5DA1-46C6-A239-C232DA0D0E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.18:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F5CB8CC-4CC1-4A1B-8AD1-C876D1BC80EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.18:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8591DB43-EAA0-4D58-BA23-EAD916DEA3DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "4E4747F8-1AFC-4AEF-82D8-D6604FB5222E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B82172C9-EA5B-4FC9-A445-0A297AE56FF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0C71CDAB-A299-4F1D-942D-851C899E63BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2FA9AB9-4C83-45A3-9772-3A16030DBF1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A88C639A-9229-4D99-9087-1B0B95539BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0B7DE987-7351-495A-8776-37E6B7BF0C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CB5823CC-941F-47AB-AD1F-325181D40E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:digium:asterisk:1.6.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "712AF374-846D-4F21-91C4-1BA9AB33E46D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en las funciones (1) decode_open_type y (2) udptl_rx_packet en main/udptl.c en Asterisk Open Source v1.4.x anterior a v1.4.39.2, v1.6.1.x antes de v1.6.1.22, v1.6.2.x antes de v1.6.2.16.2, y v1.8 antes de v1.8.2.4; Business Edition vC.x.x antes de vC.3.6.3; AsteriskNOW v1.5; y s800i (Asterisk Appliance), cuando el soporte T.38 est\u00e1 activo, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un paquete UDPTL manipulado"
}
],
"id": "CVE-2011-1147",
"lastModified": "2024-11-21T01:25:39.780",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-03-15T17:55:05.953",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2011-002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43429"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43702"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2011/dsa-2225"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2011/03/11/2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2011/03/11/8"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/46474"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1025101"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://downloads.asterisk.org/pub/security/AST-2011-002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43702"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2011/03/11/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2011/03/11/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0635"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}