CVE-2003-0779
published 2003-09-22CVE-2003-0779: SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID…
PriorityP431high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
1.44%
69.9th percentile
SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | asterisk | < asterisk 0.7.0 (bullseye) | asterisk 0.7.0 (bullseye) |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | >= 0 < 0.7.0 | 0.7.0 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8q43-h274-m6cf: SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a
ghsa_unreviewed·2022-04-29
CVE-2003-0779 [HIGH] GHSA-8q43-h274-m6cf: SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a
SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.
OSV
CVE-2003-0779: SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a
osv·2003-09-22·CVSS 7.5
CVE-2003-0779 [HIGH] CVE-2003-0779: SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a
SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.
Debian
CVE-2003-0779: asterisk - SQL injection vulnerability in the Call Detail Record (CDR) logging functionalit...
vendor_debian·2003·CVSS 7.5
CVE-2003-0779 [HIGH] CVE-2003-0779: asterisk - SQL injection vulnerability in the Call Detail Record (CDR) logging functionalit...
SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.
Scope: local
bullseye: resolved (fixed in 0.7.0)
sid: resolved (fixed in 0.7.0)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2003-09-22
Published