CVE-2009-3727
published 2009-11-10CVE-2009-3727: Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before…
PriorityP427medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
4.20%
89.7th percentile
Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header.
Affected
135 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | asterisk | < asterisk 1:1.6.2.0~rc6-1 (bullseye) | asterisk 1:1.6.2.0~rc6-1 (bullseye) |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
| digium | asterisk | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
Asterisk: SIP responses expose valid usernames (AST-2009-008)
vendor_redhat·2009-11-04·CVSS 5.0
CVE-2009-3727 [MEDIUM] Asterisk: SIP responses expose valid usernames (AST-2009-008)
Asterisk: SIP responses expose valid usernames (AST-2009-008)
Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header.
Debian
CVE-2009-3727: asterisk - Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before ...
vendor_debian·2009·CVSS 5.0
CVE-2009-3727 [MEDIUM] CVE-2009-3727: asterisk - Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before ...
Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header.
Scope: local
bullseye: resolved (fixed in 1:1.6.2.0~rc6-1)
sid: resolved (fixed in 1:1.6.2.0~rc6-1)
GHSA
GHSA-827c-j6w2-8fg4: Asterisk Open Source 1
ghsa_unreviewed·2022-05-02
CVE-2009-3727 [MEDIUM] CWE-200 GHSA-827c-j6w2-8fg4: Asterisk Open Source 1
Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header.
OSV
CVE-2009-3727: Asterisk Open Source 1
osv·2009-11-10·CVSS 5.0
CVE-2009-3727 [MEDIUM] CVE-2009-3727: Asterisk Open Source 1
Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2011-3727 dokuwiki: installation path disclosure via a direct request to a .php file
bugzilla·2011-09-26·CVSS 5.0
CVE-2011-3727 [MEDIUM] CVE-2011-3727 dokuwiki: installation path disclosure via a direct request to a .php file
CVE-2011-3727 dokuwiki: installation path disclosure via a direct request to a .php file
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-3727 to
the following vulnerability:
Name: CVE-2011-3727
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3727
Assigned: 20110923
Reference: http://www.openwall.com/lists/oss-security/2011/06/27/6
Reference: http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README
Reference: http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/dokuwiki-2009-12-25c
DokuWiki 2009-12-25c allows remote attackers to obtain sensitive
information via a direct request to a .php file, which reveals the
installation path in an error message, as demonstrated by
lib/tpl/index.php and certain other files.
Discussion:
Bugzilla
CVE-2009-3727 Asterisk: SIP responses expose valid usernames (AST-2009-008)
bugzilla·2009-11-05·CVSS 5.0
CVE-2009-3727 [MEDIUM] CVE-2009-3727 Asterisk: SIP responses expose valid usernames (AST-2009-008)
CVE-2009-3727 Asterisk: SIP responses expose valid usernames (AST-2009-008)
Asterisk upstream has released advisory and patches
fixing one informationn leak issue:
http://downloads.asterisk.org/pub/security/AST-2009-008.html
Upstream patches:
http://downloads.digium.com/pub/asa/AST-2009-008-1.2.diff.txt
http://downloads.digium.com/pub/asa/AST-2009-008-1.4.diff.txt
http://downloads.digium.com/pub/asa/AST-2009-008-1.6.0.diff.txt
http://downloads.digium.com/pub/asa/AST-2009-008-1.6.1.diff.txt
CVE Request:
http://www.openwall.com/lists/oss-security/2009/11/05/2
Discussion:
This issue affects latest versions of the Asterisk package, as shipped with
Fedora 10 and 11 (asterisk-1.6.0.15-2.fc10, asterisk-1.6.1.8-1.fc11)
and as scheduled to appear in Fedora 12 (asterisk-1.6.1.8-1.fc12).
Pleas
http://downloads.asterisk.org/pub/security/AST-2009-008.htmlhttp://osvdb.org/59697http://secunia.com/advisories/37265http://secunia.com/advisories/37479http://secunia.com/advisories/37677http://www.debian.org/security/2009/dsa-1952http://www.securityfocus.com/bid/36924http://www.securitytracker.com/id?1023133https://bugzilla.redhat.com/show_bug.cgi?id=523277https://bugzilla.redhat.com/show_bug.cgi?id=533137https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.htmlhttp://downloads.asterisk.org/pub/security/AST-2009-008.htmlhttp://osvdb.org/59697http://secunia.com/advisories/37265http://secunia.com/advisories/37479http://secunia.com/advisories/37677http://www.debian.org/security/2009/dsa-1952http://www.securityfocus.com/bid/36924http://www.securitytracker.com/id?1023133https://bugzilla.redhat.com/show_bug.cgi?id=523277https://bugzilla.redhat.com/show_bug.cgi?id=533137https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html
2009-11-10
Published