Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asterisk asterisk 1.4.9 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2007-4103
The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x prior to 1.2.23, 1.4.x prior to 1.4.9, and Asterisk Appliance Developer Kit prior to 0.6.0, when configured to allow unauthenticated calls, allows remote malicious users to cause a denial of service (resource exhaustion) ...
Digium Asterisk
Digium Asterisk Appliance Developer Kit
NA
CVE-2011-4597
The SIP over UDP implementation in Asterisk Open Source 1.4.x prior to 1.4.43, 1.6.x prior to 1.6.2.21, and 1.8.x prior to 1.8.7.2 uses different port numbers for responses to invalid requests depending on whether a SIP username exists, which allows remote malicious users to enum...
Digium Asterisk 1.8.1.2
Digium Asterisk 1.8.1
Digium Asterisk 1.8.0
Digium Asterisk 1.8.3
Digium Asterisk 1.8.4.4
Digium Asterisk 1.8.5
Digium Asterisk 1.8.7.0
Digium Asterisk 1.8.4
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.2
Digium Asterisk 1.8.2.4
Digium Asterisk 1.8.4.2
Digium Asterisk 1.8.4.3
Digium Asterisk 1.8.6.0
Digium Asterisk 1.8.3.3
Digium Asterisk 1.8.2.2
Digium Asterisk 1.8.2.1
Digium Asterisk 1.8.3.2
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.2.3
Digium Asterisk 1.8.3.1
Digium Asterisk 1.8.5.0
NA
CVE-2011-2535
chan_iax2.c in the IAX2 channel driver in Asterisk Open Source 1.4.x prior to 1.4.41.1, 1.6.2.x prior to 1.6.2.18.1, and 1.8.x prior to 1.8.4.3, and Asterisk Business Edition C.3 before C.3.7.3, accesses a memory address contained in an option control frame, which allows remote m...
Digium Asterisk 1.8.4
Digium Asterisk 1.8.0
Digium Asterisk 1.8.3.3
Digium Asterisk 1.8.2.3
Digium Asterisk 1.8.2.2
Digium Asterisk 1.8.3
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.1
Digium Asterisk 1.8.4.2
Digium Asterisk 1.8.1.2
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.3.1
Digium Asterisk 1.8.2.1
Digium Asterisk 1.8.2
Digium Asterisk 1.8.3.2
Digium Asterisk 1.8.2.4
Digium Asterisk 1.6.2.16.1
Digium Asterisk 1.6.2.0
Digium Asterisk 1.6.2.15
Digium Asterisk 1.6.2.17
Digium Asterisk 1.6.2.17.1
Digium Asterisk 1.6.2.16
NA
CVE-2011-2536
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.4.x prior to 1.4.41.2, 1.6.2.x prior to 1.6.2.18.2, and 1.8.x prior to 1.8.4.4, and Asterisk Business Edition C.3.x before C.3.7.3, disregards the alwaysauthreject option and generates different responses for invalid ...
Digium Asterisk 1.8.1.2
Digium Asterisk 1.8.1
Digium Asterisk 1.8.0
Digium Asterisk 1.8.3
Digium Asterisk 1.8.4.3
Digium Asterisk 1.8.4
Digium Asterisk 1.8.4.1
Digium Asterisk 1.8.2
Digium Asterisk 1.8.2.4
Digium Asterisk 1.8.4.2
Digium Asterisk 1.8.3.3
Digium Asterisk 1.8.2.2
Digium Asterisk 1.8.2.1
Digium Asterisk 1.8.3.2
Digium Asterisk 1.8.1.1
Digium Asterisk 1.8.2.3
Digium Asterisk 1.8.3.1
Digium Asterisk 1.6.2.5
Digium Asterisk 1.6.2.16.1
Digium Asterisk 1.6.2.0
Digium Asterisk 1.6.2.15
Digium Asterisk 1.6.2.17
NA
CVE-2011-2666
The default configuration of the SIP channel driver in Asterisk Open Source 1.4.x up to and including 1.4.41.2 and 1.6.2.x up to and including 1.6.2.18.2 does not enable the alwaysauthreject option, which allows remote malicious users to enumerate account names by making a series...
Digium Asterisk 1.6.2.16.2
Digium Asterisk 1.6.2.6
Digium Asterisk 1.6.2.0
Digium Asterisk 1.6.2.1
Digium Asterisk 1.6.2.17
Digium Asterisk 1.6.2.18
Digium Asterisk 1.6.2.2
Digium Asterisk 1.6.2.3
Digium Asterisk 1.6.2.17.3
Digium Asterisk 1.6.2.16
Digium Asterisk 1.6.2.17.2
Digium Asterisk 1.6.2.15
Digium Asterisk 1.6.2.5
Digium Asterisk 1.6.2.16.1
Digium Asterisk 1.6.2.4
Digium Asterisk 1.6.2.17.1
Digium Asterisk 1.6.2.18.1
Digium Asterisk 1.6.2.18.2
Digium Asterisk 1.4.29
Digium Asterisk 1.4.19
Digium Asterisk 1.4.30
Digium Asterisk 1.4.2
NA
CVE-2010-0685
The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the ${EXTEN} channel variable and wildcard pattern matches, allows context-dependent malicious users to inject strings into the dial...
Digium Asterisk 1.2.1
Digium Asterisk 1.2.10
Digium Asterisk 1.2.17
Digium Asterisk 1.2.18
Digium Asterisk 1.2.25
Digium Asterisk 1.2.26
Digium Asterisk 1.2.32
Digium Asterisk 1.2.33
Digium Asterisk 1.2.9
Digium Asterisk 1.4.0
Digium Asterisk 1.4.16
Digium Asterisk 1.4.17
Digium Asterisk 1.4.23
Digium Asterisk 1.4.24
Digium Asterisk 1.4.6
Digium Asterisk 1.4.7
Digium Asterisk 1.2.22
Digium Asterisk 1.2.19
Digium Asterisk 1.2.0
Digium Asterisk 1.2.31.1
Digium Asterisk 1.2.24
Digium Asterisk 1.2.15
NA
CVE-2009-4055
rtp.c in Asterisk Open Source 1.2.x prior to 1.2.37, 1.4.x prior to 1.4.27.1, 1.6.0.x prior to 1.6.0.19, and 1.6.1.x prior to 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x prior to 1.3.0.6 allows remote malic...
Digium Asterisk 1.2.0
Digium Asterisk 1.2.1
Digium Asterisk 1.2.12.1
Digium Asterisk 1.2.16
Digium Asterisk 1.2.17
Digium Asterisk 1.2.20
Digium Asterisk 1.2.23
Digium Asterisk 1.2.26.1
Digium Asterisk 1.2.26.2
Digium Asterisk 1.2.3
Digium Asterisk 1.2.30
Digium Asterisk 1.2.32
Digium Asterisk 1.2.33
Digium Asterisk 1.4.10
Digium Asterisk 1.4.10.1
Digium Asterisk 1.4.11
Digium Asterisk 1.4.16.1
Digium Asterisk 1.4.16.2
Digium Asterisk 1.4.19
Digium Asterisk 1.4.19.1
Digium Asterisk 1.4.21
Digium Asterisk 1.4.22
NA
CVE-2009-3727
Asterisk Open Source 1.2.x prior to 1.2.35, 1.4.x prior to 1.4.26.3, 1.6.0.x prior to 1.6.0.17, and 1.6.1.x prior to 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x prior to 1.3.0.5 gener...
Digium Asterisk 1.2.0
Digium Asterisk 1.2.12
Digium Asterisk 1.2.12.1
Digium Asterisk 1.2.16
Digium Asterisk 1.2.17
Digium Asterisk 1.2.2
Digium Asterisk 1.2.20
Digium Asterisk 1.2.22
Digium Asterisk 1.2.23
Digium Asterisk 1.2.26.1
Digium Asterisk 1.2.3
Digium Asterisk 1.2.31.1
Digium Asterisk 1.2.32
Digium Asterisk 1.2.33
Digium Asterisk 1.4.1
Digium Asterisk 1.4.10
Digium Asterisk 1.4.15
Digium Asterisk 1.4.16
Digium Asterisk 1.4.19
Digium Asterisk 1.4.20
Digium Asterisk 1.4.20.1
Digium Asterisk 1.4.22
NA
CVE-2009-2346
The IAX2 protocol implementation in Asterisk Open Source 1.2.x prior to 1.2.35, 1.4.x prior to 1.4.26.2, 1.6.0.x prior to 1.6.0.15, and 1.6.1.x prior to 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and s800i 1.3.x prior to 1.3.0...
Asterisk Open Source 1.2.18
Asterisk Open Source 1.2.0
Asterisk Open Source 1.2.19
Asterisk Open Source 1.2.15
Asterisk Open Source 1.2.12.1
Asterisk Open Source 1.2.28
Asterisk Open Source 1.2.24
Asterisk Open Source 1.2.21
Asterisk Open Source 1.2.26
Asterisk Open Source 1.2.22
Asterisk Open Source 1.2.27
Asterisk Open Source 1.2.4
Asterisk Open Source 1.2.7.1
Asterisk Open Source 1.2.9.1
Asterisk Open Source 1.2.9
Asterisk Open Source 1.4.14
Asterisk Open Source 1.4.13
Asterisk Open Source 1.4.12
Asterisk Open Source 1.4.19
Asterisk Open Source 1.4.20
Asterisk Open Source 1.4.18.1
Asterisk Open Source 1.4.16.1
NA
CVE-2009-0041
IAX2 in Asterisk Open Source 1.2.x prior to 1.2.31, 1.4.x prior to 1.4.23-rc4, and 1.6.x prior to 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x prior to 1.3.0 responds differently to a failed logi...
Asterisk Open Source 1.2.1
Asterisk Open Source 1.2.11
Asterisk Open Source 1.2.0
Asterisk Open Source 1.2.21.1
Asterisk Open Source 1.2.2
Asterisk Open Source 1.2.22
Asterisk Open Source 1.2.16
Asterisk Open Source 1.2.30.2
Asterisk Open Source 1.2.30
Asterisk Open Source 1.2.23
Asterisk Open Source 1.2.26.2
Asterisk Open Source 1.4.18.1
Asterisk Open Source 1.4.17
Asterisk Open Source 1.4.15
Asterisk Open Source 1.4.14
Asterisk Open Source 1.4.0
Asterisk Open Source 1.4.8
Asterisk Open Source 1.4.7
Asterisk Open Source 1.4.2
Asterisk Open Source 1.4beta
Asterisk Open Source 1.4.21
Asterisk Open Source 1.4.21.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »