cbcvebase.
CVE-2006-4345
published 2006-08-24

CVE-2006-4345: Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in Asterisk 1.0 through 1.2.10 allows remote attackers to execute arbitrary code via a crafted…

PriorityP345high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
7.14%
93.5th percentile
Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in Asterisk 1.0 through 1.2.10 allows remote attackers to execute arbitrary code via a crafted audit endpoint (AUEP) response.

Affected

22 ranges
VendorProductVersion rangeFixed in
debianasterisk< asterisk 1:1.2.11.dfsg-1 (bullseye)asterisk 1:1.2.11.dfsg-1 (bullseye)
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk>= 0 < 1:1.2.11.dfsg-11:1.2.11.dfsg-1

CVSS provenance

nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.