Debian Asterisk vulnerabilities
185 known vulnerabilities affecting debian/asterisk.
Total CVEs
185
CISA KEV
0
Public exploits
18
Exploited in wild
0
Severity breakdown
CRITICAL17HIGH46MEDIUM93LOW27
Vulnerabilities
Page 6 of 10
CVE-2007-4103P4HIGHCVSS 7.5fixed in asterisk 1:1.4.9~dfsg-1 (bullseye)2007
CVE-2007-4103 [HIGH] CVE-2007-4103: asterisk - The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x ...
The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0.6.0, when configured to allow unauthenticated calls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of calls that do not complete a 3-way handshake, which causes an ast_channel to be alloca
debian
CVE-2007-2294P4LOWCVSS 7.8fixed in asterisk 1:1.4.3~dfsg-1 (bullseye)2007
CVE-2007-2294 [HIGH] CVE-2007-2294: asterisk - The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 allows re...
The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (crash) by using MD5 authentication to authenticate a user that does not have a password defined in manager.conf, resulting in a NULL pointer dereference.
Scope: local
bullseye: resolved (fixed in 1:1.4.3~dfsg-1)
sid: resolved (fixed in 1:1.4.3~
debian
CVE-2008-3264P3HIGHCVSS 7.8fixed in asterisk 1:1.4.21.2~dfsg-1 (bullseye)2008
CVE-2008-3264 [HIGH] CVE-2008-3264: asterisk - The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2....
The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL
debian
CVE-2006-1827P4MEDIUMCVSS 6.4fixed in asterisk 1:1.2.7.1.dfsg-1 (bullseye)2006
CVE-2006-1827 [MEDIUM] CVE-2006-1827: asterisk - Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows r...
Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length.
Scope: local
bullseye: resolved (fixed in 1:1.2.7.1.dfsg-1)
sid: resolved (fixed in 1:1.2.7.1.dfsg-1)
debian
CVE-2016-7550P4HIGHCVSS 7.5fixed in asterisk 1:13.11.2~dfsg-1 (bullseye)2016
CVE-2016-7550 [HIGH] CVE-2016-7550: asterisk - asterisk 13.10.0 is affected by: denial of service issues in asterisk. The impac...
asterisk 13.10.0 is affected by: denial of service issues in asterisk. The impact is: cause a denial of service (remote).
Scope: local
bullseye: resolved (fixed in 1:13.11.2~dfsg-1)
sid: resolved (fixed in 1:13.11.2~dfsg-1)
debian
CVE-2019-12827P3MEDIUMCVSS 6.5fixed in asterisk 1:16.2.1~dfsg-2 (bullseye)2019
CVE-2019-12827 [MEDIUM] CVE-2019-12827: asterisk - Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, ...
Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message.
Scope: local
bullseye: resolved (fixed in 1:16.2.1~dfsg-2)
sid: resolved (fixed in 1:16.2.1~dfsg-2)
debian
CVE-2019-15297P4LOWCVSS 6.5fixed in asterisk 1:16.10.0~dfsg-1 (bullseye)2019
CVE-2019-15297 [MEDIUM] CVE-2019-15297: asterisk - res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1 allo...
res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1 allows an attacker to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. The crash occurs because of a NULL session media object dereference.
Scope: local
bullseye: resolved (fixed in 1:16.10.0~dfsg-1)
sid: resolved (fixed in 1:16.10.0~df
debian
CVE-2007-6170P4MEDIUMCVSS 6.5fixed in asterisk 1:1.4.15~dfsg-1 (bullseye)2007
CVE-2007-6170 [MEDIUM] CVE-2007-6170: asterisk - SQL injection vulnerability in the Call Detail Record Postgres logging engine (c...
SQL injection vulnerability in the Call Detail Record Postgres logging engine (cdr_pgsql) in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows remote authenticated users to execute arbitrary SQL commands via (1) ANI and (2) DNIS arguments.
Scope: local
bullseye: resolved (fixed in 1:1.4.15~dfsg-1)
sid: resolved
debian
CVE-2020-35652P4MEDIUMCVSS 6.5fixed in asterisk 1:16.15.1~dfsg-1 (bullseye)2020
CVE-2020-35652 [MEDIUM] CVE-2020-35652: asterisk - An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk before 13.3...
An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is received that contains a tel-uri in the Diversion header.
Scope: local
debian
CVE-2007-2488P4LOWCVSS 10.0fixed in asterisk 1:1.4.5~dfsg-1 (bullseye)2007
CVE-2007-2488 [CRITICAL] CVE-2007-2488: asterisk - The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does not properl...
The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does not properly null terminate data, which allows remote attackers to trigger loss of transmitted data, and possibly obtain sensitive information (memory contents) or cause a denial of service (application crash), by sending a frame that lacks a 0 byte.
Scope: local
bullseye: resolved (fixed in 1:1
debian
CVE-2018-12227P4MEDIUMCVSS 5.3fixed in asterisk 1:13.22.0~dfsg-1 (bullseye)2018
CVE-2018-12227 [MEDIUM] CVE-2018-12227: asterisk - An issue was discovered in Asterisk Open Source 13.x before 13.21.1, 14.x before...
An issue was discovered in Asterisk Open Source 13.x before 13.21.1, 14.x before 14.7.7, and 15.x before 15.4.1 and Certified Asterisk 13.18-cert before 13.18-cert4 and 13.21-cert before 13.21-cert2. When endpoint specific ACL rules block a SIP request, they respond with a 403 forbidden. However, if an endpoint is not identified, then a 401 unauthorized response
debian
CVE-2016-2232P4MEDIUMCVSS 6.5fixed in asterisk 1:13.7.2~dfsg-1 (bullseye)2016
CVE-2016-2232 [MEDIUM] CVE-2016-2232: asterisk - Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 an...
Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a zero length error correcting redundancy packet for a UDPTL FAX packet that is lost.
Scope: l
debian
CVE-2008-1333P4MEDIUMCVSS 5.8fixed in asterisk 1:1.4.18.1~dfsg-1 (bullseye)2008
CVE-2008-1333 [MEDIUM] CVE-2008-1333: asterisk - Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 mig...
Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by (1) the ast_verbose logging API call, or (2) the astman_append function.
Scope: local
bullseye: resolved (fixed in 1:1.4.18.1~dfsg-1)
sid: resolved (fixed in 1:1.4.18.1~dfsg-1)
debian
CVE-2022-42705P4MEDIUMCVSS 6.5fixed in asterisk 1:16.28.0~dfsg-0+deb11u2 (bullseye)2022
CVE-2022-42705 [MEDIUM] CVE-2022-42705: asterisk - A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, a...
A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Asterisk (denial of service) by performing activity on a subscription via a reliable transport at the same time that Asterisk is also performing activity on that subscription.
Scope: local
bullseye: resolved (f
debian
CVE-2019-13161P4LOWCVSS 5.3fixed in asterisk 1:16.2.1~dfsg-2 (bullseye)2019
CVE-2019-13161 [MEDIUM] CVE-2019-13161: asterisk - An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x t...
An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to an outgoing T.38 re-invite. To exploit this vulnerability an attacke
debian
CVE-2005-2081P4LOWCVSS 5.0fixed in asterisk 1:1.0.9.dfsg-1 (bullseye)2005
CVE-2005-2081 [MEDIUM] CVE-2005-2081: asterisk - Stack-based buffer overflow in the function that parses commands in Asterisk 1.0...
Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character.
Scope: local
bullseye: resolved (fixed in 1:1.0.9.dfsg-1)
sid: resolved (fixed in 1:1.0.9.dfsg-1)
debian
CVE-2016-9938P4MEDIUMCVSS 5.3fixed in asterisk 1:13.13.1~dfsg-1 (bullseye)2016
CVE-2016-9938 [MEDIUM] CVE-2016-9938: asterisk - An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before...
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chan_sip channel driver has a liberal definition for whitespace when attempting to strip the content between a SIP header name and a colon character. Rather than following RFC
debian
CVE-2014-9374P4MEDIUMCVSS 5.0fixed in asterisk 1:13.1.0~dfsg-1 (bullseye)2014
CVE-2014-9374 [MEDIUM] CVE-2014-9374: asterisk - Double free vulnerability in the WebSocket Server (res_http_websocket module) in...
Double free vulnerability in the WebSocket Server (res_http_websocket module) in Asterisk Open Source 11.x before 11.14.2, 12.x before 12.7.2, and 13.x before 13.0.2 and Certified Asterisk 11.6 before 11.6-cert9 allows remote attackers to cause a denial of service (crash) by sending a zero length frame after a non-zero length frame.
Scope: local
bullseye: resolved
debian
CVE-2003-0779P4HIGHCVSS 7.5fixed in asterisk 0.7.0 (bullseye)2003
CVE-2003-0779 [HIGH] CVE-2003-0779: asterisk - SQL injection vulnerability in the Call Detail Record (CDR) logging functionalit...
SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string.
Scope: local
bullseye: resolved (fixed in 0.7.0)
sid: resolved (fixed in 0.7.0)
debian
CVE-2016-2316P4MEDIUMCVSS 5.9fixed in asterisk 1:13.7.2~dfsg-1 (bullseye)2016
CVE-2016-2316 [MEDIUM] CVE-2016-2316: asterisk - chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x befo...
chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote attackers to cause a denial of service (file descriptor consumption) via vectors related to large retr
debian