Debian Asterisk vulnerabilities
185 known vulnerabilities affecting debian/asterisk.
Total CVEs
185
CISA KEV
0
Public exploits
18
Exploited in wild
0
Severity breakdown
CRITICAL17HIGH46MEDIUM93LOW27
Vulnerabilities
Page 10 of 10
CVE-2014-2287P4LOWCVSS 3.5fixed in asterisk 1:11.8.1~dfsg-1 (bullseye)2014
CVE-2014-2287 [LOW] CVE-2014-2287: asterisk - channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before...
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.15 before 1.8.15-cert5 and 11.6 before 11.6-cert2, when chan_sip has a certain configuration, allows remote authenticated users to cause a denial of service (channel and file descriptor consumption) via an INVITE request with a
debian
CVE-2012-2948P4MEDIUMCVSS 4.0fixed in asterisk 1:1.8.13.0~dfsg-1 (bullseye)2012
CVE-2012-2948 [MEDIUM] CVE-2012-2948: asterisk - chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8....
chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode.
Scope: local
bullseye: resolved (fixed i
debian
CVE-2012-2947P4LOWCVSS 2.6fixed in asterisk 1:1.8.13.0~dfsg-1 (bullseye)2012
CVE-2012-2947 [LOW] CVE-2012-2947: asterisk - chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before ...
chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1, when a certain mohinterpret setting is enabled, allows remote attackers to cause a denial of service (daemon crash) by placing a call on hold.
Scope: local
bullseye: resolved (fixed in 1:1.8.13.0~dfsg-1)
si
debian
CVE-2007-4280P4LOWCVSS 3.5fixed in asterisk 1:1.4.10~dfsg-1 (bullseye)2007
CVE-2007-4280 [LOW] CVE-2007-4280: asterisk - The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, A...
The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, AsteriskNOW before beta7, Appliance Developer Kit before 0.7.0, and Appliance s800i before 1.0.3 allows remote authenticated users to cause a denial of service (application crash) via a CAPABILITIES_RES_MESSAGE packet with a capabilities count larger than the capabilities_res_message array
debian
CVE-2009-3723MEDIUMCVSS 7.5fixed in asterisk 1:1.6.2.0~rc3-2 (bullseye)2009
CVE-2009-3723 [HIGH] CVE-2009-3723: asterisk - asterisk allows calls on prohibited networks
asterisk allows calls on prohibited networks
Scope: local
bullseye: resolved (fixed in 1:1.6.2.0~rc3-2)
sid: resolved (fixed in 1:1.6.2.0~rc3-2)
debian
← Previous10 / 10