Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv2

CVE-2008-1332

Published: 20/03/2008 Updated: 11/10/2018
CVSS v2 Base Score: 8.8 | Impact Score: 9.2 | Exploitability Score: 8.6
VMScore: 783
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:N
Subscribe to Asterisk

Vulnerability Summary

Unspecified vulnerability in Asterisk Open Source 1.2.x prior to 1.2.27, 1.4.x prior to 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x prior to 1.0.2; Appliance Developer Kit prior to 1.4 revision 109393; and s800i 1.0.x prior to 1.1.0.2; allows remote malicious users to access the SIP channel driver via a crafted From header.

Vulnerable Product Search on Vulmon Subscribe to Product

asterisk asterisk business edition

asterisk open source 1.0

asterisk open source 1.0.0

asterisk open source 1.0.4

asterisk open source 1.0.5

asterisk open source 1.2.9.1

asterisk open source 1.2.9

asterisk open source 1.2.25

asterisk open source 1.2.24

asterisk open source 1.2.18

asterisk open source 1.2.17

asterisk open source 1.2.11

asterisk open source 1.2.10

asterisk open source 1.4.0

asterisk open source 1.4.10.1

asterisk open source 1.4.12

asterisk open source 1.4.18

asterisk open source 1.4.19

asterisk asterisk b.1.3.2

asterisk asterisk b.2.3.5

asterisk asterisk b.2.3.4

asterisk open source 1.2.6

asterisk asterisk appliance developer kit 1.3

asterisk asterisk appliance developer kit 0.3

asterisk asterisk appliance developer kit 0.2

asterisk asterisk appliance developer kit

asterisk open source

asterisk open source 1.0.11.1

asterisk open source 1.0.12

asterisk open source 1.0.8

asterisk open source 1.0.9

asterisk open source 1.2.4

asterisk open source 1.2.3

asterisk open source 1.2.21.1

asterisk open source 1.2.21

asterisk open source 1.2.20

asterisk open source 1.2.14

asterisk open source 1.2.13

asterisk open source 1.2.0

asterisk open source 1.4.16.2

asterisk open source 1.4.16

asterisk open source 1.4.15

asterisk open source 1.4.10

asterisk asterisk b.2.3.1

asterisk asterisk b.2.2.1

asterisk asterisk c.1.0_beta8

asterisk asterisk c.1.6

asterisk asterisk appliance developer kit 0.6.0

asterisk asterisk appliance developer kit 0.6

asterisk s800i 1.0.3

asterisk s800i 1.0

asterisk s800i

asterisk open source 1.0.2

asterisk open source 1.0.3

asterisk open source 1.0.3.4

asterisk open source 1.2.7

asterisk open source 1.2.7.1

asterisk open source 1.2.26.2

asterisk open source 1.2.26.1

asterisk open source 1.2.2

asterisk open source 1.2.19

asterisk open source 1.2.12.1

asterisk open source 1.2.12

asterisk open source 1.4.14

asterisk open source 1.4.13

asterisk open source 1.4.1

asterisk asterisk b.2.3.3

asterisk asterisk b.2.3.2

asterisk asterisk c.1.6.1

asterisk asterisknow 1.0

asterisk asterisk appliance developer kit 0.5

asterisk asterisk appliance developer kit 0.4

asterisk s800i 1.0.2

asterisk s800i 1.1.0

asterisk asterisknow

asterisk open source 1.0.1

asterisk open source 1.0.11

asterisk open source 1.0.6

asterisk open source 1.0.7

asterisk open source 1.2.8

asterisk open source 1.2.5

asterisk open source 1.2.23

asterisk open source 1.2.22

asterisk open source 1.2.16

asterisk open source 1.2.15

asterisk open source 1.2.1

asterisk open source 1.2.0beta2

asterisk open source 1.4.12.1

asterisk open source 1.4.16.1

asterisk open source 1.4.11

asterisk asterisk b.1.3.3

asterisk asterisk b.2.2.0

asterisk asterisk b.2.3.6

asterisk asterisk a

asterisk asterisk c.1.0_beta7

asterisk asterisk appliance developer kit 0.8

asterisk asterisk appliance developer kit 0.7

asterisk s800i 1.0.3.3

asterisk s800i 1.0.1

Vendor Advisories

Debian Security Advisories: DSA-1525-1 asterisk -- several vulnerabilities
Several remote vulnerabilities have been discovered in Asterisk, a free software PBX and telephony toolkit The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-6430 Tilghman Lesher discovered that database-based registrations are insufficiently validated This only affects setups, which are conf ...

References

CWE-264http://downloads.digium.com/pub/security/AST-2008-003.htmlhttp://www.asterisk.org/node/48466http://www.securityfocus.com/bid/28310http://securitytracker.com/id?1019629http://secunia.com/advisories/29426http://www.debian.org/security/2008/dsa-1525https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00438.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-March/msg00514.htmlhttp://secunia.com/advisories/29456http://secunia.com/advisories/29470http://security.gentoo.org/glsa/glsa-200804-13.xmlhttp://secunia.com/advisories/29782http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.htmlhttp://secunia.com/advisories/29957http://www.vupen.com/english/advisories/2008/0928https://exchange.xforce.ibmcloud.com/vulnerabilities/41308http://www.securityfocus.com/archive/1/489818/100/0/threadedhttps://nvd.nist.govhttps://www.debian.org/security/./dsa-1525
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook