Debian Asterisk vulnerabilities
204 known vulnerabilities affecting debian/asterisk.
Total CVEs: 204
CISA KEV: 0
Public exploits: 18
Exploited in wild: 0
Severity breakdown: CRITICAL 17, HIGH 46, MEDIUM 93, LOW 46
Vulnerabilities
Page 9 of 11
CVE-2009-0871 | LOW | CVSS 3.5 | 2009 | source: debian
asterisk: The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4.23.1; 1.6.0 before 1.6.0.6; 1.6.1 before 1.6.1.0-rc2; and Asterisk Business Edition C.2.3, with the pedantic option enabled, allows remote authenticated users to cause a denial of service (crash) via a SIP INVITE request without any headers, which triggers a NULL pointer dereference in the (1) sip_
CVE-2008-3264 | HIGH | CVSS 7.8 | fixed in asterisk 1:1.4.21.2~dfsg-1 (bullseye) | 2008 | source: debian
asterisk: The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL
CVE-2008-3263 | HIGH | CVSS 7.8 | PoC | fixed in asterisk 1:1.4.21.2~dfsg-1 (bullseye) | 2008 | source: debian
asterisk: The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (call-number exhaustion and CPU consumption) by quickly
CVE-2008-1333 | MEDIUM | CVSS 5.8 | fixed in asterisk 1:1.4.18.1~dfsg-1 (bullseye) | 2008 | source: debian
asterisk: Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by (1) the ast_verbose logging API call, or (2) the astman_append function.
Scope: local
bullseye: resolved (fixed in 1:1.4.18.1~dfsg-1)
sid: resolved (fixed in 1:1.4.18.1~dfsg-1)
CVE-2008-1923 | MEDIUM (summary tagged HIGH) | CVSS 7.1 | fixed in asterisk 1:1.4.19.1~dfsg-1 (bullseye) | 2008 | source: debian
asterisk: The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72630 and 1.4 before revision 65679, when configured to allow unauthenticated calls, sends "early audio" to an unverified source IP address of a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed NEW message.
Scope: local
bullseye: resolved (
CVE-2008-0095 | MEDIUM | CVSS 5.0 | PoC | fixed in asterisk 1:1.4.17~dfsg-1 (bullseye) | 2008 | source: debian
asterisk: The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which trigge
CVE-2008-1332 | MEDIUM (summary tagged HIGH) | CVSS 8.8 | fixed in asterisk 1:1.4.18.1~dfsg-1 (bullseye) | 2008 | source: debian
asterisk: Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x before 1.0.2; Appliance Developer Kit before 1.4 revision 109393; and s800i 1.0.x before 1.1.0.2; allows remote attackers to access the SIP channel driver via a crafted F
CVE-2008-2119 | MEDIUM | CVSS 4.3 | PoC | fixed in asterisk 1.4 (bullseye) | 2008 | source: debian
asterisk: Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing (aka pedanticsipchecking) is enabled, allows remote attackers to cause a denial of service (daemon crash) via a SIP INVITE message that lacks a From header, related to invocations of the ast_uri_decode function, and improper handling of (1)
CVE-2008-1289 | MEDIUM (summary tagged HIGH) | CVSS 7.5 | PoC | fixed in asterisk 1:1.4.18.1~dfsg-1 (bullseye) | 2008 | source: debian
asterisk: Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote attackers to (1) write a zero to an arbitrary memory location via a large RT
CVE-2008-5558 | MEDIUM | CVSS 4.3 | fixed in asterisk 1:1.4.0~dfsg-1 (bullseye) | 2008 | source: debian
asterisk: Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching.
Scope: local
bullseye: resolved (fixed in 1:1.4.0~dfsg-1)
sid: resolved (fixed i
CVE-2008-1897 | MEDIUM | CVSS 4.3 | fixed in asterisk 1:1.4.19.1~dfsg-1 (bullseye) | 2008 | source: debian
asterisk: The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x before 1.4.19.1; Business Edition A.x.x, B.x.x before B.2.5.2, and C.x.x before C.1.8.1; AsteriskNOW before 1.0.3; Appliance Developer Kit 0.x.x; and s800i before 1.1.0.3, when configured to allow unauthenticated calls, does not verify that an ACK response contains a c
CVE-2008-3903 | LOW | CVSS 3.5 | fixed in asterisk 1:1.6.1.0~dfsg-1 (bullseye) | 2008 | source: debian
asterisk: Asterisk Open Source 1.2.x before 1.2.32, 1.4.x before 1.4.24.1, and 1.6.0.x before 1.6.0.8; Asterisk Business Edition A.x.x, B.x.x before B.2.5.8, C.1.x.x before C.1.10.5, and C.2.x.x before C.2.3.3; s800i 1.3.x before 1.3.0.2; and Trixbox PBX 2.6.1, when Digest authentication and authalwaysreject are enabled, generates different responses depending on whether a SIP
CVE-2008-7220 | LOW (summary tagged HIGH) | CVSS 7.5 | fixed in asterisk 1:1.6.2.0~rc3-1 (bullseye) | 2008 | source: debian
asterisk: Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make "cross-site ajax requests" via unknown vectors.
Scope: local
bullseye: resolved (fixed in 1:1.6.2.0~rc3-1)
sid: resolved (fixed in 1:1.6.2.0~rc3-1)
CVE-2008-1390 | LOW (summary tagged CRITICAL) | CVSS 9.3 | fixed in asterisk 1:1.4.19.1~dfsg-1 (bullseye) | 2008 | source: debian
asterisk: The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values, which makes it easier for remote attackers to hijack a manager ses
CVE-2007-4103 | HIGH | CVSS 7.5 | fixed in asterisk 1:1.4.9~dfsg-1 (bullseye) | 2007 | source: debian
asterisk: The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before 1.2.23, 1.4.x before 1.4.9, and Asterisk Appliance Developer Kit before 0.6.0, when configured to allow unauthenticated calls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of calls that do not complete a 3-way handshake, which causes an ast_channel to be alloca
CVE-2007-2293 | HIGH | CVSS 7.6 | PoC | fixed in asterisk 1:1.4.3~dfsg-1 (bullseye) | 2007 | source: debian
asterisk: Multiple stack-based buffer overflows in the process_sdp function in chan_sip.c of the SIP channel T.38 SDP parser in Asterisk before 1.4.3 allow remote attackers to execute arbitrary code via a long (1) T38FaxRateManagement or (2) T38FaxUdpEC SDP parameter in an SIP message, as demonstrated using SIP INVITE.
Scope: local
bullseye: resolved (fixed in 1:1.4.3~dfsg-1)
CVE-2007-3762 | HIGH (summary tagged CRITICAL) | CVSS 9.3 | fixed in asterisk 1:1.4.8~dfsg-1 (bullseye) | 2007 | source: debian
asterisk: Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame.
Scope: local
bullseye: res
CVE-2007-5358 | MEDIUM | CVSS 6.8 | fixed in asterisk 1:1.4.13~dfsg-1 (bullseye) | 2007 | source: debian
asterisk: Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow (1) remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or (2) local users to execute arbitrary code via a long combination of astspooldir, voicemail context, and voicemail mail
CVE-2007-3763 | MEDIUM | CVSS 5.0 | PoC | fixed in asterisk 1:1.4.8~dfsg-1 (bullseye) | 2007 | source: debian
asterisk: The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which r
CVE-2007-6171 | MEDIUM (summary tagged HIGH) | CVSS 7.5 | fixed in asterisk 1:1.4.15~dfsg-1 (bullseye) | 2007 | source: debian
asterisk: SQL injection vulnerability in the Postgres Realtime Engine (res_config_pgsql) in Asterisk 1.4.x before 1.4.15 and C.x before C.1.0-beta6 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Scope: local
bullseye: resolved (fixed in 1:1.4.15~dfsg-1)
sid: resolved (fixed in 1:1.4.15~dfsg-1)