Remote code execution can occur in Asterisk Open Source 13.x prior to 13.14.1 and 14.x prior to 14.3.1 and Certified Asterisk 13.13 prior to 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI Monitor action.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
digium asterisk 14.3.0 |
||
digium asterisk 13.10.0 |
||
digium asterisk 14.0 |
||
digium asterisk 14.0.0 |
||
digium asterisk 13.11.0 |
||
digium asterisk 13.11.1 |
||
digium asterisk 13.11.2 |
||
digium asterisk 13.5.0 |
||
digium asterisk 13.6.0 |
||
digium asterisk 13.7.0 |
||
digium asterisk 13.0.0 |
||
digium asterisk 13.0.1 |
||
digium asterisk 13.0.2 |
||
digium asterisk 14.0.2 |
||
digium asterisk 14.01 |
||
digium asterisk 14.02 |
||
digium asterisk 14.1 |
||
digium asterisk 14.1.0 |
||
digium asterisk 13.13 |
||
digium asterisk 13.13.0 |
||
digium asterisk 13.2.0 |
||
digium asterisk 13.8.0 |
||
digium asterisk 13.8.1 |
||
digium asterisk 13.8.2 |
||
digium asterisk 13.9.0 |
||
digium asterisk 14.2.1 |
||
digium asterisk 13.1.0 |
||
digium asterisk 13.1.1 |
||
digium asterisk 14.1.1 |
||
digium asterisk 14.2 |
||
digium asterisk 13.12.0 |
||
digium asterisk 13.12.2 |
||
digium asterisk 13.2.1 |
||
digium asterisk 13.3.2 |
||
digium asterisk 13.4.0 |
||
digium asterisk 13.7.2 |
||
digium asterisk 13.14.0 |
||
digium asterisk 14.0.1 |
||
digium asterisk 14.1.2 |
||
digium asterisk 14.2.0 |
||
digium asterisk 13.12 |
||
digium asterisk 13.12.1 |
||
digium asterisk 13.3.0 |
||
digium asterisk 13.7.1 |
||
digium asterisk 13.9.1 |
||
digium certified asterisk |
Vulmon