cbcvebase.
CVE-2008-1332
published 2008-03-20

CVE-2008-1332: Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and…

PriorityP341high8.8CVSS 2.0
AVNACMAuNCCICAN
EPSS
2.33%
81.4th percentile
Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x before 1.0.2; Appliance Developer Kit before 1.4 revision 109393; and s800i 1.0.x before 1.1.0.2; allows remote attackers to access the SIP channel driver via a crafted From header.

Affected

105 ranges· showing 25
VendorProductVersion rangeFixed in
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk
asteriskasterisk>= 0 < 1:1.4.18.1~dfsg-11:1.4.18.1~dfsg-1
asteriskasterisk_appliance_developer_kit<= 1.4
asteriskasterisk_appliance_developer_kit
asteriskasterisk_appliance_developer_kit
asteriskasterisk_appliance_developer_kit
asteriskasterisk_appliance_developer_kit
asteriskasterisk_appliance_developer_kit
asteriskasterisk_appliance_developer_kit
asteriskasterisk_appliance_developer_kit
asteriskasterisk_appliance_developer_kit

CVSS provenance

nvdv2.08.8HIGHAV:N/AC:M/Au:N/C:C/I:C/A:N
osv8.8HIGH
vendor_debian8.8MEDIUM
vendor_redhat8.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.