Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digium asterisk 1.4.23 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0871
The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and 1.4.23.1; 1.6.0 prior to 1.6.0.6; 1.6.1 prior to 1.6.1.0-rc2; and Asterisk Business Edition C.2.3, with the pedantic option enabled, allows remote authenticated users to cause a denial of service (crash) via a SIP...
Digium Asterisk C.2.3
Digium Asterisk 1.6.0
Digium Asterisk 1.6.0.3
Digium Asterisk 1.6.1
Digium Asterisk 1.4.22
Digium Asterisk 1.6.0.4
Digium Asterisk 1.6.0.5
Digium Asterisk 1.4.23
Digium Asterisk 1.4.23.1
Digium Asterisk 1.6.0.1
Digium Asterisk 1.6.0.2
NA
CVE-2011-2666
The default configuration of the SIP channel driver in Asterisk Open Source 1.4.x up to and including 1.4.41.2 and 1.6.2.x up to and including 1.6.2.18.2 does not enable the alwaysauthreject option, which allows remote malicious users to enumerate account names by making a series...
Digium Asterisk 1.6.2.16.2
Digium Asterisk 1.6.2.6
Digium Asterisk 1.6.2.0
Digium Asterisk 1.6.2.1
Digium Asterisk 1.6.2.17
Digium Asterisk 1.6.2.18
Digium Asterisk 1.6.2.2
Digium Asterisk 1.6.2.3
Digium Asterisk 1.6.2.17.3
Digium Asterisk 1.6.2.16
Digium Asterisk 1.6.2.17.2
Digium Asterisk 1.6.2.15
Digium Asterisk 1.6.2.5
Digium Asterisk 1.6.2.16.1
Digium Asterisk 1.6.2.4
Digium Asterisk 1.6.2.17.1
Digium Asterisk 1.6.2.18.1
Digium Asterisk 1.6.2.18.2
Digium Asterisk 1.4.29
Digium Asterisk 1.4.19
Digium Asterisk 1.4.30
Digium Asterisk 1.4.2
NA
CVE-2011-4597
The SIP over UDP implementation in Asterisk Open Source 1.4.x prior to 1.4.43, 1.6.x prior to 1.6.2.21, and 1.8.x prior to 1.8.7.2 uses different port numbers for responses to invalid requests depending on whether a SIP username exists, which allows remote malicious users to enum...
Digium Asterisk 1.8.1.2
Digium Asterisk 1.8.1
Digium Asterisk 1.8.0
Digium Asterisk 1.8.3
Digium Asterisk 1.8.4.4
Digium Asterisk 1.8.5
Digium Asterisk 1.8.7.0
Digium Asterisk 1.8.4
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.2
Digium Asterisk 1.8.2.4
Digium Asterisk 1.8.4.2
Digium Asterisk 1.8.4.3
Digium Asterisk 1.8.6.0
Digium Asterisk 1.8.3.3
Digium Asterisk 1.8.2.2
Digium Asterisk 1.8.2.1
Digium Asterisk 1.8.3.2
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.2.3
Digium Asterisk 1.8.3.1
Digium Asterisk 1.8.5.0
NA
CVE-2011-2535
chan_iax2.c in the IAX2 channel driver in Asterisk Open Source 1.4.x prior to 1.4.41.1, 1.6.2.x prior to 1.6.2.18.1, and 1.8.x prior to 1.8.4.3, and Asterisk Business Edition C.3 before C.3.7.3, accesses a memory address contained in an option control frame, which allows remote m...
Digium Asterisk 1.8.4
Digium Asterisk 1.8.0
Digium Asterisk 1.8.3.3
Digium Asterisk 1.8.2.3
Digium Asterisk 1.8.2.2
Digium Asterisk 1.8.3
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.1
Digium Asterisk 1.8.4.2
Digium Asterisk 1.8.1.2
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.3.1
Digium Asterisk 1.8.2.1
Digium Asterisk 1.8.2
Digium Asterisk 1.8.3.2
Digium Asterisk 1.8.2.4
Digium Asterisk 1.6.2.16.1
Digium Asterisk 1.6.2.0
Digium Asterisk 1.6.2.15
Digium Asterisk 1.6.2.17
Digium Asterisk 1.6.2.17.1
Digium Asterisk 1.6.2.16
NA
CVE-2010-0685
The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the ${EXTEN} channel variable and wildcard pattern matches, allows context-dependent malicious users to inject strings into the dial...
Digium Asterisk 1.2.1
Digium Asterisk 1.2.10
Digium Asterisk 1.2.17
Digium Asterisk 1.2.18
Digium Asterisk 1.2.25
Digium Asterisk 1.2.26
Digium Asterisk 1.2.32
Digium Asterisk 1.2.33
Digium Asterisk 1.2.9
Digium Asterisk 1.4.0
Digium Asterisk 1.4.16
Digium Asterisk 1.4.17
Digium Asterisk 1.4.23
Digium Asterisk 1.4.24
Digium Asterisk 1.4.6
Digium Asterisk 1.4.7
Digium Asterisk 1.2.22
Digium Asterisk 1.2.19
Digium Asterisk 1.2.0
Digium Asterisk 1.2.31.1
Digium Asterisk 1.2.24
Digium Asterisk 1.2.15
NA
CVE-2011-2536
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.4.x prior to 1.4.41.2, 1.6.2.x prior to 1.6.2.18.2, and 1.8.x prior to 1.8.4.4, and Asterisk Business Edition C.3.x before C.3.7.3, disregards the alwaysauthreject option and generates different responses for invalid ...
Digium Asterisk 1.8.1.2
Digium Asterisk 1.8.1
Digium Asterisk 1.8.0
Digium Asterisk 1.8.3
Digium Asterisk 1.8.4.3
Digium Asterisk 1.8.4
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.2
Digium Asterisk 1.8.2.4
Digium Asterisk 1.8.4.2
Digium Asterisk 1.8.3.3
Digium Asterisk 1.8.2.2
Digium Asterisk 1.8.2.1
Digium Asterisk 1.8.3.2
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.2.3
Digium Asterisk 1.8.3.1
Digium Asterisk 1.6.2.5
Digium Asterisk 1.6.2.16.1
Digium Asterisk 1.6.2.0
Digium Asterisk 1.6.2.15
Digium Asterisk 1.6.2.17
NA
CVE-2011-1147
Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x prior to 1.4.39.2, 1.6.1.x prior to 1.6.1.22, 1.6.2.x prior to 1.6.2.16.2, and 1.8 prior to 1.8.2.4; Business Edition C...
Digium Asterisk 1.4.29
Digium Asterisk 1.4.19
Digium Asterisk 1.4.19.2
Digium Asterisk 1.4.30
Digium Asterisk 1.4.20
Digium Asterisk 1.4.20.1
Digium Asterisk 1.4.0
Digium Asterisk 1.4.10.1
Digium Asterisk 1.4.17
Digium Asterisk 1.4.16.2
Digium Asterisk 1.4.25.1
Digium Asterisk 1.4.25
Digium Asterisk 1.4.26.3
Digium Asterisk 1.4.22
Digium Asterisk 1.4.23.2
Digium Asterisk 1.4.23
Digium Asterisk 1.4.28
Digium Asterisk 1.4.29.1
Digium Asterisk 1.4.21
Digium Asterisk 1.4.21.1
Digium Asterisk 1.4.15
Digium Asterisk 1.4.13
NA
CVE-2011-1507
Asterisk Open Source 1.4.x prior to 1.4.40.1, 1.6.1.x prior to 1.6.1.25, 1.6.2.x prior to 1.6.2.17.3, and 1.8.x prior to 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 do not restrict the number of unauthenticated sessions to certain interfaces, which allows remote ma...
Digium Asterisk 1.4.29.1
Digium Asterisk 1.4.19
Digium Asterisk 1.4.31
Digium Asterisk 1.4.20
Digium Asterisk 1.4.21
Digium Asterisk 1.4.11
Digium Asterisk 1.4.15
Digium Asterisk 1.4.29
Digium Asterisk 1.4.30
Digium Asterisk 1.4.19.2
Digium Asterisk 1.4.1
Digium Asterisk 1.4.0
Digium Asterisk 1.4.10.1
Digium Asterisk 1.4.16
Digium Asterisk 1.4.17
Digium Asterisk 1.4.14
Digium Asterisk 1.4.25.1
Digium Asterisk 1.4.26.3
Digium Asterisk 1.4.22
Digium Asterisk 1.4.27
Digium Asterisk 1.4.23.2
Digium Asterisk 1.4.28
NA
CVE-2011-1599
manager.c in the Manager Interface in Asterisk Open Source 1.4.x prior to 1.4.40.1, 1.6.1.x prior to 1.6.1.25, 1.6.2.x prior to 1.6.2.17.3, and 1.8.x prior to 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 does not properly check for the system privilege, which allows...
Digium Asterisk 1.4.29.1
Digium Asterisk 1.4.19
Digium Asterisk 1.4.31
Digium Asterisk 1.4.20
Digium Asterisk 1.4.21
Digium Asterisk 1.4.11
Digium Asterisk 1.4.15
Digium Asterisk 1.4.28
Digium Asterisk 1.4.30
Digium Asterisk 1.4.2
Digium Asterisk 1.4.20.1
Digium Asterisk 1.4.10
Digium Asterisk 1.4.12.1
Digium Asterisk 1.4.16.2
Digium Asterisk 1.4.18
Digium Asterisk 1.4.25
Digium Asterisk 1.4.26
Digium Asterisk 1.4.26.1
Digium Asterisk 1.4.22
Digium Asterisk 1.4.23
Digium Asterisk 1.4.0
Digium Asterisk 1.4.34
NA
CVE-2009-4055
rtp.c in Asterisk Open Source 1.2.x prior to 1.2.37, 1.4.x prior to 1.4.27.1, 1.6.0.x prior to 1.6.0.19, and 1.6.1.x prior to 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x prior to 1.3.0.6 allows remote malic...
Digium Asterisk 1.2.0
Digium Asterisk 1.2.1
Digium Asterisk 1.2.12.1
Digium Asterisk 1.2.16
Digium Asterisk 1.2.17
Digium Asterisk 1.2.20
Digium Asterisk 1.2.23
Digium Asterisk 1.2.26.1
Digium Asterisk 1.2.26.2
Digium Asterisk 1.2.3
Digium Asterisk 1.2.30
Digium Asterisk 1.2.32
Digium Asterisk 1.2.33
Digium Asterisk 1.4.10
Digium Asterisk 1.4.10.1
Digium Asterisk 1.4.11
Digium Asterisk 1.4.16.1
Digium Asterisk 1.4.16.2
Digium Asterisk 1.4.19
Digium Asterisk 1.4.19.1
Digium Asterisk 1.4.21
Digium Asterisk 1.4.22
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »