CVE-2011-2536
Published 2011-07-06
CVE-2011-2536: chan_sip.c in the SIP channel driver in Asterisk Open Source 1.4.x before 1.4.41.2, 1.6.2.x before 1.6.2.18.2, and 1.8.x before 1.8.4.4, and Asterisk Business…
Priority P426 · medium · 5 (CVSS 2.0)
AV:N / AC:L / Au:N / C:P / I:N / A:N
EPSS 1.94% (77.7th percentile)
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.4.x before 1.4.41.2, 1.6.2.x before 1.6.2.18.2, and 1.8.x before 1.8.4.4, and Asterisk Business Edition C.3.x before C.3.7.3, disregards the alwaysauthreject option and generates different responses for invalid SIP requests depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of requests.
Affected
118 ranges (25 shown)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | asterisk | < asterisk 1:1.8.4.4~dfsg-1 (bullseye) | asterisk 1:1.8.4.4~dfsg-1 (bullseye) |
| debian | asterisk | < asterisk 1:1.8.3.3-1 (bullseye) | asterisk 1:1.8.3.3-1 (bullseye) |
| digium | asterisk | — | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| osv | — | 5.0 | MEDIUM | — |
| vendor_debian | — | 5.0 | MEDIUM | — |
GHSA · GHSA-6w9r-hx89-h863 · CVE-2011-2666 [MEDIUM] · ghsa_unreviewed · 2022-05-17 · CVSS 5.0
The default configuration of the SIP channel driver in Asterisk Open Source 1.4.x through 1.4.41.2 and 1.6.2.x through 1.6.2.18.2 does not enable the alwaysauthreject option, which allows remote attackers to enumerate account names by making a series of invalid SIP requests and observing the differences in the responses for different usernames, a different vulnerability than CVE-2011-2536.
GHSA · GHSA-939c-fxc3-rc2x · CVE-2011-2536 [MEDIUM] · CWE-200 · ghsa_unreviewed · 2022-05-17
OSV · CVE-2011-2536 [MEDIUM] · osv · 2011-07-06 · CVSS 5.0
OSV · CVE-2011-2666 [MEDIUM] · osv · 2011-07-06 · CVSS 5.0
Debian · CVE-2011-2536 [MEDIUM] · asterisk · vendor_debian · 2011 · CVSS 5.0
Scope: local
bullseye: resolved (fixed in 1:1.8.4.4~dfsg-1)
sid: resolved (fixed in 1:1.8.4.4~dfsg-1)
Debian · CVE-2011-2666 [MEDIUM] · asterisk · vendor_debian · 2011 · CVSS 5.0
Scope: local
bullseye: resolved (fixed in 1:1.8.3.3-1)
sid: resolved (fixed in 1:1.8.3.3-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
http://downloads.asterisk.org/pub/security/AST-2011-011-1.8.diff
http://downloads.asterisk.org/pub/security/AST-2011-011.html
http://www.securitytracker.com/id?1025734