Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digium asterisk 1.6.1 vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2009-0871
The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4.23.1; 1.6.0 prior to 1.6.0.6; 1.6.1 prior to 1.6.1.0-rc2; and Asterisk Business Edition C.2.3, with the pedantic option enabled, allows remote authenticated users to cause a denial of service (crash) via a SIP...
Digium Asterisk C.2.3
Digium Asterisk 1.6.0
Digium Asterisk 1.6.0.3
Digium Asterisk 1.6.1
Digium Asterisk 1.4.22
Digium Asterisk 1.6.0.4
Digium Asterisk 1.6.0.5
Digium Asterisk 1.4.23
Digium Asterisk 1.4.23.1
Digium Asterisk 1.6.0.1
Digium Asterisk 1.6.0.2
5
CVSSv2
CVE-2009-2651
main/rtp.c in Asterisk Open Source 1.6.1 prior to 1.6.1.2 allows remote malicious users to cause a denial of service (crash) via an RTP text frame without a certain delimiter, which triggers a NULL pointer dereference and the subsequent calculation of an invalid pointer.
Digium Asterisk 1.6.1
4.3
CVSSv2
CVE-2010-1224
main/acl.c in Asterisk Open Source 1.6.0.x prior to 1.6.0.25, 1.6.1.x prior to 1.6.1.17, and 1.6.2.x prior to 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which causes an improper...
Digium Asterisk 1.6.0.23
Digium Asterisk 1.6.0.22
Digium Asterisk 1.6.0.18
Digium Asterisk 1.6.0.12
Digium Asterisk 1.6.0.10
Digium Asterisk 1.6.0.9
Digium Asterisk 1.6.0.1
Digium Asterisk 1.6.0
Digium Asterisk 1.6.1.7
Digium Asterisk 1.6.1.11
Digium Asterisk 1.6.1.12
Digium Asterisk 1.6.2.0
Digium Asterisk 1.6.2.1
Digium Asterisk 1.6.2.2
Digium Asterisk 1.6.0.24
Digium Asterisk 1.6.0.14
Digium Asterisk 1.6.0.13
Digium Asterisk 1.6.0.3
Digium Asterisk 1.6.0.2
Digium Asterisk 1.6.1.5
Digium Asterisk 1.6.1.6
Digium Asterisk 1.6.1.10
5
CVSSv2
CVE-2011-1175
tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x prior to 1.6.1.23, 1.6.2.x prior to 1.6.2.17.1, and 1.8.x prior to 1.8.3.1 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) by establishing many short TCP sessions...
Digium Asterisk 1.6.1.21
Digium Asterisk 1.6.1.20
Digium Asterisk 1.6.1.1
Digium Asterisk 1.6.1
Digium Asterisk 1.6.1.5
Digium Asterisk 1.6.1.9
Digium Asterisk 1.6.1.10
Digium Asterisk 1.6.1.13
Digium Asterisk 1.6.1.0
Digium Asterisk 1.6.1.16
Digium Asterisk 1.6.1.19
Digium Asterisk 1.6.1.2
Digium Asterisk 1.6.1.7
Digium Asterisk 1.6.1.18
Digium Asterisk 1.6.1.14
Digium Asterisk 1.6.1.22
Digium Asterisk 1.6.1.3
Digium Asterisk 1.6.1.4
Digium Asterisk 1.6.1.8
Digium Asterisk 1.6.1.12
Digium Asterisk 1.6.1.11
Digium Asterisk 1.6.1.6
5
CVSSv2
CVE-2011-1174
manager.c in Asterisk Open Source 1.6.1.x prior to 1.6.1.24, 1.6.2.x prior to 1.6.2.17.2, and 1.8.x prior to 1.8.3.2 allows remote malicious users to cause a denial of service (CPU and memory consumption) via a series of manager sessions involving invalid data.
Digium Asterisk 1.6.1.20
Digium Asterisk 1.6.1.19
Digium Asterisk 1.6.1.10
Digium Asterisk 1.6.1
Digium Asterisk 1.6.1.6
Digium Asterisk 1.6.1.7
Digium Asterisk 1.6.1.21
Digium Asterisk 1.6.1.1
Digium Asterisk 1.6.1.5
Digium Asterisk 1.6.1.9
Digium Asterisk 1.6.1.17
Digium Asterisk 1.6.1.13
Digium Asterisk 1.6.1.0
Digium Asterisk 1.6.1.16
Digium Asterisk 1.6.1.18
Digium Asterisk 1.6.1.12
Digium Asterisk 1.6.1.15
Digium Asterisk 1.6.1.23
Digium Asterisk 1.6.1.22
Digium Asterisk 1.6.1.3
Digium Asterisk 1.6.1.4
Digium Asterisk 1.6.1.8
5
CVSSv2
CVE-2010-0685
The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the ${EXTEN} channel variable and wildcard pattern matches, allows context-dependent malicious users to inject strings into the dial...
Digium Asterisk 1.2.1
Digium Asterisk 1.2.10
Digium Asterisk 1.2.17
Digium Asterisk 1.2.18
Digium Asterisk 1.2.25
Digium Asterisk 1.2.26
Digium Asterisk 1.2.32
Digium Asterisk 1.2.33
Digium Asterisk 1.2.9
Digium Asterisk 1.4.0
Digium Asterisk 1.4.16
Digium Asterisk 1.4.17
Digium Asterisk 1.4.23
Digium Asterisk 1.4.24
Digium Asterisk 1.4.6
Digium Asterisk 1.4.7
Digium Asterisk 1.2.22
Digium Asterisk 1.2.19
Digium Asterisk 1.2.0
Digium Asterisk 1.2.31.1
Digium Asterisk 1.2.24
Digium Asterisk 1.2.15
5
CVSSv2
CVE-2009-4055
rtp.c in Asterisk Open Source 1.2.x prior to 1.2.37, 1.4.x prior to 1.4.27.1, 1.6.0.x prior to 1.6.0.19, and 1.6.1.x prior to 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x prior to 1.3.0.6 allows remote malic...
Digium Asterisk 1.2.0
Digium Asterisk 1.2.1
Digium Asterisk 1.2.12.1
Digium Asterisk 1.2.16
Digium Asterisk 1.2.17
Digium Asterisk 1.2.20
Digium Asterisk 1.2.23
Digium Asterisk 1.2.26.1
Digium Asterisk 1.2.26.2
Digium Asterisk 1.2.3
Digium Asterisk 1.2.30
Digium Asterisk 1.2.32
Digium Asterisk 1.2.33
Digium Asterisk 1.4.10
Digium Asterisk 1.4.10.1
Digium Asterisk 1.4.11
Digium Asterisk 1.4.16.1
Digium Asterisk 1.4.16.2
Digium Asterisk 1.4.19
Digium Asterisk 1.4.19.1
Digium Asterisk 1.4.21
Digium Asterisk 1.4.22
5
CVSSv2
CVE-2009-3727
Asterisk Open Source 1.2.x prior to 1.2.35, 1.4.x prior to 1.4.26.3, 1.6.0.x prior to 1.6.0.17, and 1.6.1.x prior to 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x prior to 1.3.0.5 gener...
Digium Asterisk 1.2.0
Digium Asterisk 1.2.12
Digium Asterisk 1.2.12.1
Digium Asterisk 1.2.16
Digium Asterisk 1.2.17
Digium Asterisk 1.2.2
Digium Asterisk 1.2.20
Digium Asterisk 1.2.22
Digium Asterisk 1.2.23
Digium Asterisk 1.2.26.1
Digium Asterisk 1.2.3
Digium Asterisk 1.2.31.1
Digium Asterisk 1.2.32
Digium Asterisk 1.2.33
Digium Asterisk 1.4.1
Digium Asterisk 1.4.10
Digium Asterisk 1.4.15
Digium Asterisk 1.4.16
Digium Asterisk 1.4.19
Digium Asterisk 1.4.20
Digium Asterisk 1.4.20.1
Digium Asterisk 1.4.22
5
CVSSv2
CVE-2011-2529
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x prior to 1.6.2.18.1 and 1.8.x prior to 1.8.4.3 does not properly handle '\0' characters in SIP packets, which allows remote malicious users to cause a denial of service (memory corruption) or possibly ha...
Digium Asterisk 1.6.0
Digium Asterisk 1.6.1
Digium Asterisk 1.6.1.2
Digium Asterisk 1.6.1.3
Digium Asterisk 1.6.0.26
Digium Asterisk 1.6.1.8
Digium Asterisk 1.6.1.18
Digium Asterisk 1.6.0.8
Digium Asterisk 1.6.0.11
Digium Asterisk 1.6.0.16
Digium Asterisk 1.6.0.21
Digium Asterisk 1.6.0.18
Digium Asterisk 1.6.0.13
Digium Asterisk 1.6.1.12
Digium Asterisk 1.6.1.19
Digium Asterisk 1.6.1.0
Digium Asterisk 1.6.1.13
Digium Asterisk 1.6.1.22
Digium Asterisk 1.6.0.5
Digium Asterisk 1.6.1.24
Digium Asterisk 1.6.2.0
Digium Asterisk 1.6.2.3
6.8
CVSSv2
CVE-2011-1147
Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x prior to 1.4.39.2, 1.6.1.x prior to 1.6.1.22, 1.6.2.x prior to 1.6.2.16.2, and 1.8 prior to 1.8.2.4; Business Edition C...
Digium Asterisk 1.4.29
Digium Asterisk 1.4.19
Digium Asterisk 1.4.19.2
Digium Asterisk 1.4.30
Digium Asterisk 1.4.20
Digium Asterisk 1.4.20.1
Digium Asterisk 1.4.0
Digium Asterisk 1.4.10.1
Digium Asterisk 1.4.17
Digium Asterisk 1.4.16.2
Digium Asterisk 1.4.25.1
Digium Asterisk 1.4.25
Digium Asterisk 1.4.26.3
Digium Asterisk 1.4.22
Digium Asterisk 1.4.23.2
Digium Asterisk 1.4.23
Digium Asterisk 1.4.28
Digium Asterisk 1.4.29.1
Digium Asterisk 1.4.21
Digium Asterisk 1.4.21.1
Digium Asterisk 1.4.15
Digium Asterisk 1.4.13
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »