Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digium asterisk 1.2.13 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2003-0761
Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote malicious users to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests.
Digium Asterisk 1.2.13
785
VMScore
CVE-2007-1306
Asterisk 1.4 prior to 1.4.1 and 1.2 prior to 1.2.16 allows remote malicious users to cause a denial of service (crash) by sending a Session Initiation Protocol (SIP) packet without a URI and SIP-version header, which results in a NULL pointer dereference.
Digium Asterisk 1.2.12.1
Digium Asterisk 1.2.13
Digium Asterisk 1.2 Beta1
Digium Asterisk 1.2 Beta2
Digium Asterisk 1.2.11
Digium Asterisk 1.2.12
Digium Asterisk 1.2.8
Digium Asterisk 1.2.9
Digium Asterisk 1.2.0 Beta1
Digium Asterisk 1.2.14
Digium Asterisk 1.2.15
Digium Asterisk 1.4.0
Digium Asterisk 1.4.0 Beta1
Digium Asterisk 1.4.0 Beta2
Digium Asterisk 1.2.0 Beta2
Digium Asterisk 1.2.10
Digium Asterisk 1.2.6
Digium Asterisk 1.2.7
1 EDB exploit
694
VMScore
CVE-2006-5445
Unspecified vulnerability in the SIP channel driver (channels/chan_sip.c) in Asterisk 1.2.x prior to 1.2.13 and 1.4.x prior to 1.4.0-beta3 allows remote malicious users to cause a denial of service (resource consumption) via unspecified vectors that result in the creation of &quo...
Digium Asterisk 1.2.12
Digium Asterisk 1.2.12.1
Digium Asterisk 1.2.10
Digium Asterisk 1.2.11
Digium Asterisk 1.4.0 Beta1
Digium Asterisk 1.4.0 Beta2
Digium Asterisk 1.2.6
Digium Asterisk 1.2.7
Digium Asterisk 1.2.8
Digium Asterisk 1.2.0 Beta1
Digium Asterisk 1.2.0 Beta2
Digium Asterisk 1.2.9
Digium Asterisk 1.4.0
755
VMScore
CVE-2006-5444
Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c) in Asterisk 1.0.x prior to 1.0.12 and 1.2.x prior to 1.2.13, as used by Cisco SCCP phones, allows remote malicious users to execute arbitrary code via a certain dlen value that passes a signed...
Digium Asterisk 0.4
Digium Asterisk 0.7
Digium Asterisk 1.0.8
Digium Asterisk 1.0.9
Digium Asterisk 1.2.9
Digium Asterisk 1.2 Beta1
Digium Asterisk 0.2
Digium Asterisk 0.3
Digium Asterisk 1.0.11
Digium Asterisk 1.0.7
Digium Asterisk 1.2.7
Digium Asterisk 1.2.8
Digium Asterisk 0.1.7
Digium Asterisk 0.1.8
Digium Asterisk 0.7.1
Digium Asterisk 0.7.2
Digium Asterisk 1.2.10
Digium Asterisk 1.2.11
Digium Asterisk 1.2 Beta2
Digium Asterisk 0.1.9
Digium Asterisk 0.1.9.1
Digium Asterisk 0.9
1 EDB exploit
445
VMScore
CVE-2010-0685
The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the ${EXTEN} channel variable and wildcard pattern matches, allows context-dependent malicious users to inject strings into the dial...
Digium Asterisk 1.2.1
Digium Asterisk 1.2.10
Digium Asterisk 1.2.17
Digium Asterisk 1.2.18
Digium Asterisk 1.2.25
Digium Asterisk 1.2.26
Digium Asterisk 1.2.32
Digium Asterisk 1.2.33
Digium Asterisk 1.2.9
Digium Asterisk 1.4.0
Digium Asterisk 1.4.16
Digium Asterisk 1.4.17
Digium Asterisk 1.4.23
Digium Asterisk 1.4.24
Digium Asterisk 1.4.6
Digium Asterisk 1.4.7
Digium Asterisk 1.2.22
Digium Asterisk 1.2.19
Digium Asterisk 1.2.0
Digium Asterisk 1.2.31.1
Digium Asterisk 1.2.24
Digium Asterisk 1.2.15
445
VMScore
CVE-2009-4055
rtp.c in Asterisk Open Source 1.2.x prior to 1.2.37, 1.4.x prior to 1.4.27.1, 1.6.0.x prior to 1.6.0.19, and 1.6.1.x prior to 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x prior to 1.3.0.6 allows remote malic...
Digium Asterisk 1.2.0
Digium Asterisk 1.2.1
Digium Asterisk 1.2.12.1
Digium Asterisk 1.2.16
Digium Asterisk 1.2.17
Digium Asterisk 1.2.20
Digium Asterisk 1.2.23
Digium Asterisk 1.2.26.1
Digium Asterisk 1.2.26.2
Digium Asterisk 1.2.3
Digium Asterisk 1.2.30
Digium Asterisk 1.2.32
Digium Asterisk 1.2.33
Digium Asterisk 1.4.10
Digium Asterisk 1.4.10.1
Digium Asterisk 1.4.11
Digium Asterisk 1.4.16.1
Digium Asterisk 1.4.16.2
Digium Asterisk 1.4.19
Digium Asterisk 1.4.19.1
Digium Asterisk 1.4.21
Digium Asterisk 1.4.22
445
VMScore
CVE-2009-3727
Asterisk Open Source 1.2.x prior to 1.2.35, 1.4.x prior to 1.4.26.3, 1.6.0.x prior to 1.6.0.17, and 1.6.1.x prior to 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x prior to 1.3.0.5 gener...
Digium Asterisk 1.2.0
Digium Asterisk 1.2.12
Digium Asterisk 1.2.12.1
Digium Asterisk 1.2.16
Digium Asterisk 1.2.17
Digium Asterisk 1.2.2
Digium Asterisk 1.2.20
Digium Asterisk 1.2.22
Digium Asterisk 1.2.23
Digium Asterisk 1.2.26.1
Digium Asterisk 1.2.3
Digium Asterisk 1.2.31.1
Digium Asterisk 1.2.32
Digium Asterisk 1.2.33
Digium Asterisk 1.4.1
Digium Asterisk 1.4.10
Digium Asterisk 1.4.15
Digium Asterisk 1.4.16
Digium Asterisk 1.4.19
Digium Asterisk 1.4.20
Digium Asterisk 1.4.20.1
Digium Asterisk 1.4.22
578
VMScore
CVE-2007-6170
SQL injection vulnerability in the Call Detail Record Postgres logging engine (cdr_pgsql) in Asterisk 1.4.x prior to 1.4.15, 1.2.x prior to 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows remote authenticated users to execute arbitrary SQL commands via (1) ANI and (...
Digium Asterisk
Digium Asterisk C.1.0
Debian Debian Linux 3.1
Debian Debian Linux 4.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started