cbcvebase.

Debian Asterisk vulnerabilities

185 known vulnerabilities affecting debian/asterisk.

Total CVEs
185
CISA KEV
0
Public exploits
18
Exploited in wild
0
Severity breakdown
CRITICAL17HIGH46MEDIUM93LOW27

Vulnerabilities

Page 10 of 10
CVE-2014-2287P4LOWCVSS 3.5fixed in asterisk 1:11.8.1~dfsg-1 (bullseye)2014
CVE-2014-2287 [LOW] CVE-2014-2287: asterisk - channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before... channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.15 before 1.8.15-cert5 and 11.6 before 11.6-cert2, when chan_sip has a certain configuration, allows remote authenticated users to cause a denial of service (channel and file descriptor consumption) via an INVITE request with a
debian
CVE-2012-2948P4MEDIUMCVSS 4.0fixed in asterisk 1:1.8.13.0~dfsg-1 (bullseye)2012
CVE-2012-2948 [MEDIUM] CVE-2012-2948: asterisk - chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.... chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode. Scope: local bullseye: resolved (fixed i
debian
CVE-2012-2947P4LOWCVSS 2.6fixed in asterisk 1:1.8.13.0~dfsg-1 (bullseye)2012
CVE-2012-2947 [LOW] CVE-2012-2947: asterisk - chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before ... chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1, when a certain mohinterpret setting is enabled, allows remote attackers to cause a denial of service (daemon crash) by placing a call on hold. Scope: local bullseye: resolved (fixed in 1:1.8.13.0~dfsg-1) si
debian
CVE-2007-4280P4LOWCVSS 3.5fixed in asterisk 1:1.4.10~dfsg-1 (bullseye)2007
CVE-2007-4280 [LOW] CVE-2007-4280: asterisk - The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, A... The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, AsteriskNOW before beta7, Appliance Developer Kit before 0.7.0, and Appliance s800i before 1.0.3 allows remote authenticated users to cause a denial of service (application crash) via a CAPABILITIES_RES_MESSAGE packet with a capabilities count larger than the capabilities_res_message array
debian
CVE-2009-3723MEDIUMCVSS 7.5fixed in asterisk 1:1.6.2.0~rc3-2 (bullseye)2009
CVE-2009-3723 [HIGH] CVE-2009-3723: asterisk - asterisk allows calls on prohibited networks asterisk allows calls on prohibited networks Scope: local bullseye: resolved (fixed in 1:1.6.2.0~rc3-2) sid: resolved (fixed in 1:1.6.2.0~rc3-2)
debian
Debian Asterisk vulnerabilities | cvebase