Search for packages
| purl | pkg:deb/debian/asterisk@1:22.8.2%2Bdfsg%2B~cs6.15.60671435-1?distro=sid |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-111d-qj24-nyde | Multiple vulnerabilities in Asterisk might allow remote attackers to execute arbitrary code. |
CVE-2012-2415
|
| VCID-1bxe-fg62-qugd | The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package. |
CVE-2014-6609
|
| VCID-1cad-s6nn-j7aw | embedded prototype.js JavaScript hijacking |
CVE-2007-2383
|
| VCID-1g96-fryn-9qak | The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does not properly null terminate data, which allows remote attackers to trigger loss of transmitted data, and possibly obtain sensitive information (memory contents) or cause a denial of service (application crash), by sending a frame that lacks a 0 byte. |
CVE-2007-2488
|
| VCID-1qxc-4xk5-2feu | Asterisk: Asterisk: Arbitrary code execution and file overwrite as root via insecure ast_coredumper file handling |
CVE-2026-23740
|
| VCID-1t3u-22gq-qucr | Asterisk is an open source private branch exchange and telephony toolkit. After upgrade to 18.23.0, ALL unauthorized SIP requests are identified as PJSIP Endpoint of local asterisk server. This vulnerability is fixed in 18.23.1, 20.8.1, and 21.3.1. |
CVE-2024-35190
|
| VCID-1u6r-4dzb-wfh2 | Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. |
CVE-2011-1507
|
| VCID-1wuy-5w5r-bubj | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2012-1184
|
| VCID-2qjc-yspn-xydj | Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, trying to disallow shell commands to be run via the Asterisk command line interface (CLI) by configuring `cli_permissions.conf` (e.g. with the config line `deny=!*`) does not work which could lead to a security risk. If an administrator running an Asterisk instance relies on the `cli_permissions.conf` file to work and expects it to deny all attempts to execute shell commands, then this could lead to a security vulnerability. Versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk fix the issue. |
CVE-2025-47780
|
| VCID-2r38-yjx6-uuae | security update |
CVE-2016-2232
|
| VCID-2xc3-aqh8-cubn | main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario. |
CVE-2019-15639
|
| VCID-32hs-eqw2-1kf2 | An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk 13.21 before cert5. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer's name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport. |
CVE-2019-18790
|
| VCID-34fv-tv5a-tkgw | security update |
CVE-2022-23537
|
| VCID-3gwr-t9bx-47cj | asterisk: HTTP Manager ID is predictable (AST-2008-005) |
CVE-2008-1390
|
| VCID-3jx3-v6c9-3be2 | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2013-5641
|
| VCID-3r26-8d9e-aqdm | asterisk: remote crash in SIP channel driver (AST-2009-002) |
CVE-2009-0871
|
| VCID-43ff-97jw-hkce | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to arbitrary code execution. |
CVE-2025-1131
|
| VCID-4658-u85z-zqhh | The Publish/Subscribe Framework in the PJSIP channel driver in Asterisk Open Source 12.x before 12.3.1, when sub_min_expiry is set to zero, allows remote attackers to cause a denial of service (assertion failure and crash) via an unsubscribe request when not subscribed to the device. |
CVE-2014-4045
|
| VCID-48pt-6j6q-jbcn | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2022-23608
|
| VCID-5211-bpr9-nqaf | Multiple stack-based buffer overflows in the process_sdp function in chan_sip.c of the SIP channel T.38 SDP parser in Asterisk before 1.4.3 allow remote attackers to execute arbitrary code via a long (1) T38FaxRateManagement or (2) T38FaxUdpEC SDP parameter in an SIP message, as demonstrated using SIP INVITE. |
CVE-2007-2293
|
| VCID-542z-gtvr-ykck | Multiple vulnerabilities in Asterisk might allow remote attackers to execute arbitrary code. |
CVE-2012-2416
|
| VCID-5499-3dkq-9fc2 | Multiple vulnerabilities have been found in Asterisk. |
CVE-2007-3764
|
| VCID-55vv-7jsj-xqeh | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2023-49294
|
| VCID-58np-gsxj-8yc4 | The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before 1.4.11, AsteriskNOW before beta7, Asterisk Appliance Developer Kit 0.x before 0.8.0, and s800i (Asterisk Appliance) 1.x before 1.0.3 allows remote attackers to cause a denial of service (memory exhaustion) via a SIP dialog that causes a large number of history entries to be created. |
CVE-2007-4455
|
| VCID-5yue-52xt-ryhw | An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands. |
CVE-2019-18610
|
| VCID-63fe-saga-13ct | Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 18.26.4 and 18.9-cert17, RTP UDP ports and internal resources can leak due to a lack of session termination. This could result in leaks and resource exhaustion. This issue has been patched in versions 18.26.4 and 18.9-cert17. |
CVE-2025-54995
|
| VCID-67av-c7qh-5kek | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2012-3812
|
| VCID-6c2h-e3rr-eyfw | Asterisk is vulnerable to the remote execution of arbitrary code or a Denial of Service. |
CVE-2006-4345
|
| VCID-6jv8-3wch-wfew | security update |
CVE-2016-2316
|
| VCID-6rhm-xrwe-x7af | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2021-26717
|
| VCID-6xqn-t8j4-skgs | Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. |
CVE-2011-2535
|
| VCID-6yxw-veq3-eqgd | Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary code via crafted caller ID data in vectors involving the (1) SIP channel driver, (2) URIENCODE dialplan function, or (3) AGI dialplan function. |
CVE-2011-0495
|
| VCID-77r2-q55r-wffw | Multiple vulnerabilities have been found in Asterisk allowing for Denial of Service and username disclosure. |
CVE-2008-2119
|
| VCID-7kus-4n4f-myd1 | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2022-26498
|
| VCID-7m8s-6ydk-gbgr | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2021-37706
|
| VCID-7ner-5xz7-93gz | Multiple vulnerabilities have been found in Asterisk, the worst of which could result in a Denial of Service condition. |
CVE-2018-12227
|
| VCID-7pts-41xh-mbh4 | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2012-4737
|
| VCID-7pxs-dc7h-tkbs | Multiple vulnerabilities in Asterisk might allow remote attackers to cause a Denial of Service condition, or conduct other attacks. |
CVE-2009-3727
|
| VCID-7tfx-9358-gygx | Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. |
CVE-2011-1147
|
| VCID-7tjs-ybpe-r7hg | Multiple vulnerabilities have been found in Asterisk, the worst of which could lead to Denial of Service, bypass intended ACL restrictions or allow an authenticated user to gain escalated privileges. |
CVE-2014-8417
|
| VCID-81tr-5yzn-m7ap | chan_skinny.c in the Skinny (aka SCCP) channel driver in Asterisk Open Source 10.x before 10.5.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by sending a Station Key Pad Button message and closing a connection in off-hook mode, a related issue to CVE-2012-2948. |
CVE-2012-3553
|
| VCID-8kjy-xtm2-bqan | Asterisk: Asterisk: Local file disclosure via unsafe XML parsing |
CVE-2026-23739
|
| VCID-8mfb-mmaz-mfab | reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.4.2 does not initialize certain strings, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed Contact header. |
CVE-2011-2216
|
| VCID-8pdp-epea-juhj | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2022-26499
|
| VCID-8qy8-gk53-eufc | Multiple vulnerabilities have been found in Asterisk, the worst of which could result in a Denial of Service condition. |
CVE-2017-16671
|
| VCID-8shw-ev6h-dqgh | Multiple vulnerabilities have been found in Asterisk, the worst of which could lead to Denial of Service, bypass intended ACL restrictions or allow an authenticated user to gain escalated privileges. |
CVE-2014-8414
|
| VCID-8sys-3sj7-c3h6 | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2022-21722
|
| VCID-8yav-jpp1-rfbe | security update |
CVE-2021-43299
|
| VCID-917e-7kp2-y3hw | res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1 allows an attacker to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. The crash occurs because of a NULL session media object dereference. |
CVE-2019-15297
|
| VCID-986n-21m7-fuc8 | main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow remote attackers to bypass ACL rules and access services from unauthorized hosts. |
CVE-2010-1224
|
| VCID-9at6-bgzv-gue3 | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2022-39269
|
| VCID-9f9j-z7y7-sffy | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2021-43845
|
| VCID-9fz9-f74u-2yfe | Asterisk is vulnerable to the remote execution of arbitrary code or a Denial of Service. |
CVE-2006-5445
|
| VCID-9u4p-wdky-a3h1 | Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with `write=originate` may change all configuration files in the `/etc/asterisk/` directory. This occurs because they are able to curl remote files and write them to disk, but are also able to append to existing files using the `FILE` function inside the `SET` application. This issue may result in privilege escalation, remote code execution and/or blind server-side request forgery with arbitrary protocol. Asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2 contain a fix for this issue. |
CVE-2024-42365
|
| VCID-9w61-sh1p-aqff | Multiple vulnerabilities have been found in Asterisk. |
CVE-2007-3763
|
| VCID-9xk8-m5c3-wud8 | Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. |
CVE-2011-2666
|
| VCID-a2n5-xpy5-gyfh | Multiple vulnerabilities have been found in Asterisk, the worst of which allows remote execution of arbitrary shell commands. |
CVE-2017-14100
|
| VCID-a442-jcja-zych | Multiple vulnerabilities have been found in Asterisk allowing for Denial of Service and username disclosure. |
CVE-2008-3263
|
| VCID-a4na-u27r-sfc5 | The PJSIP Channel Driver in Asterisk Open Source before 12.3.1 allows remote attackers to cause a denial of service (deadlock) by terminating a subscription request before it is complete, which triggers a SIP transaction timeout. |
CVE-2014-4048
|
| VCID-a5sa-32q2-s3he | asterisk: Format String Vulnerability in Logger and Manager (AST-2008-004) |
CVE-2008-1333
|
| VCID-a8uf-chxy-9udv | The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, AsteriskNOW before beta7, Appliance Developer Kit before 0.7.0, and Appliance s800i before 1.0.3 allows remote authenticated users to cause a denial of service (application crash) via a CAPABILITIES_RES_MESSAGE packet with a capabilities count larger than the capabilities_res_message array population. |
CVE-2007-4280
|
| VCID-adsx-448w-vbem | Multiple vulnerabilities have been found in Asterisk. |
CVE-2007-4103
|
| VCID-agez-w3xn-63bt | Multiple buffer overflows in Asterisk might allow remote attackers to cause a Denial of Service condition. |
CVE-2014-2288
|
| VCID-an47-cxfn-77e8 | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2013-2685
|
| VCID-ap3n-99gn-aucs | A vulnerability has been discovered in PJSIP, which could lead to arbitrary code execution. |
CVE-2023-27585
|
| VCID-apn8-j2e8-uka5 | The handle_request_info function in channels/chan_sip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 and 1.8.x before 1.8.7.2, when automon is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted sequence of SIP requests. |
CVE-2011-4598
|
| VCID-ay1n-kp3k-37db | Race condition in the chan_pjsip channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 allows remote attackers to cause a denial of service (assertion failure and crash) via a cancel request for a SIP session with a queued action to (1) answer a session or (2) send ringing. |
CVE-2014-8415
|
| VCID-b1vq-vecs-pfev | Multiple vulnerabilities have been found in Asterisk allowing for Denial of Service and username disclosure. |
CVE-2008-3264
|
| VCID-b4z5-5hbq-5ka8 | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2022-42706
|
| VCID-bbhx-pe8h-fubn | Multiple vulnerabilities have been found in Asterisk, the worst of which could lead to Denial of Service, bypass intended ACL restrictions or allow an authenticated user to gain escalated privileges. |
CVE-2014-8418
|
| VCID-bk8r-brkr-bqc6 | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2023-49786
|
| VCID-bknu-abgc-bugw | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2023-37457
|
| VCID-bv3b-3h5a-s7ez | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2012-1183
|
| VCID-byqv-c5jp-6ybg | security update |
CVE-2021-43301
|
| VCID-c4n3-bd3z-qfbw | Multiple vulnerabilities have been found in Asterisk allowing for Denial of Service and username disclosure. |
CVE-2009-0041
|
| VCID-c765-b3fs-nbdu | Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow (1) remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or (2) local users to execute arbitrary code via a long combination of astspooldir, voicemail context, and voicemail mailbox fields. NOTE: vector 2 requires write access to Asterisk configuration files. |
CVE-2007-5358
|
| VCID-cupt-538a-z3fp | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2022-37325
|
| VCID-cvp4-5uvw-xff2 | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2012-3863
|
| VCID-czy4-hnuj-fbgx | Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. |
CVE-2011-1174
|
| VCID-d791-zjab-jfh1 | The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference. |
CVE-2008-0095
|
| VCID-d8sn-7zbc-4bhy | Multiple vulnerabilities in Asterisk might allow remote attackers to execute arbitrary code. |
CVE-2012-2414
|
| VCID-ddpb-zwva-rfc5 | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2022-21723
|
| VCID-dmv1-4jgk-e3cq | Multiple buffer overflows in Asterisk might allow remote attackers to cause a Denial of Service condition. |
CVE-2014-2287
|
| VCID-dpra-jbea-4fcy | Multiple vulnerabilities have been found in Asterisk, the worst of which allows remote execution of arbitrary shell commands. |
CVE-2017-14603
|
| VCID-e1yx-dxa6-1bba | Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. |
CVE-2011-3389
|
| VCID-e3vd-dhyn-1qfa | Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length. |
CVE-2006-1827
|
| VCID-e7t9-pdx7-5kgm | Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. |
CVE-2011-1175
|
| VCID-ebcm-kjvz-73cz | Asterisk Open Source 12.x before 12.8.1 and 13.x before 13.1.1, when using the PJSIP channel driver, does not properly reclaim RTP ports, which allows remote authenticated users to cause a denial of service (file descriptor consumption) via an SDP offer containing only incompatible codecs. |
CVE-2015-1558
|
| VCID-ed6c-6srd-67f6 | Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests. |
CVE-2003-0761
|
| VCID-edp8-yh2h-xuck | Multiple vulnerabilities have been found in Asterisk, the worst of which could lead to Denial of Service, bypass intended ACL restrictions or allow an authenticated user to gain escalated privileges. |
CVE-2014-9374
|
| VCID-ehd7-39bz-2ybk | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2012-5976
|
| VCID-ehx4-qzgr-qbd9 | Multiple vulnerabilities have been discovered in Asterisk, the worst of which could allow privileged users to execute arbitrary system shell commands. |
CVE-2014-4047
|
| VCID-ennr-ek9z-a7db | The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the ${EXTEN} channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters that are injected when the variable is expanded, as demonstrated using the Dial application to process a crafted SIP INVITE message that adds an unintended outgoing channel leg. NOTE: it could be argued that this is not a vulnerability in Asterisk, but a class of vulnerabilities that can occur in any program that uses this feature without the associated filtering functionality that is already available. |
CVE-2010-0685
|
| VCID-epzp-dpmr-33df | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2021-32686
|
| VCID-eund-5mfa-9kbn | security update |
CVE-2017-17090
|
| VCID-f1y5-37zk-x3ey | The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 does not properly create and load ACLs defined in pjsip.conf at startup, which allows remote attackers to bypass intended PJSIP ACL rules. |
CVE-2014-8413
|
| VCID-f4br-7sgk-27cf | Multiple vulnerabilities have been found in Asterisk, the worst of which could lead to Denial of Service. |
CVE-2014-6610
|
| VCID-f5qc-tsbr-1yap | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2021-43804
|
| VCID-fdpu-1891-q3a6 | asterisk allows calls on prohibited networks |
CVE-2009-3723
|
| VCID-fjzf-5rtw-rqfj | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2021-26906
|
| VCID-fndq-j9d2-afed | A Remote Crash issue was discovered in Asterisk Open Source 13.x before 13.18.4, 14.x before 14.7.4, and 15.x before 15.1.4 and Certified Asterisk before 13.13-cert9. Certain compound RTCP packets cause a crash in the RTCP Stack. |
CVE-2017-17664
|
| VCID-fz7z-xttk-13by | security update |
CVE-2016-7551
|
| VCID-fzs1-dj22-7fff | Multiple vulnerabilities in Asterisk might allow remote attackers to cause a Denial of Service condition, or conduct other attacks. |
CVE-2009-2726
|
| VCID-g6cn-x656-5fcw | Asterisk is vulnerable to the remote execution of arbitrary code or a Denial of Service. |
CVE-2006-4346
|
| VCID-ge7t-fqyp-vyhz | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2021-26713
|
| VCID-ggu9-8qd1-4ffx | security update |
CVE-2018-7286
|
| VCID-gkcp-1zz6-tfb5 | A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending on some off-nominal circumstances and timing, it was possible for another thread to free said dialog in this gap. Asterisk could then crash when the dialog object, or any of its dependent objects, were dereferenced or accessed next by the initial-creation thread. Note, however, that this crash can only occur when using a connection-oriented protocol (e.g., TCP or TLS, but not UDP) for SIP transport. Also, the remote client must be authenticated, or Asterisk must be configured for anonymous calling. |
CVE-2020-28327
|
| VCID-grs7-fu68-2ff3 | Asterisk contains a bug in the IAX2 channel driver making it vulnerable to the remote execution of arbitrary code. |
CVE-2006-2898
|
| VCID-gy3u-c6dc-sbbn | An issue in the action_listcategories() function of Sangoma Asterisk v22/22.0.0/22.0.0-rc1/22.0.0-rc2/22.0.0-pre1 allows attackers to execute a path traversal. |
CVE-2024-53566
|
| VCID-h193-vjhb-j3a3 | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2021-32558
|
| VCID-h52b-ubb6-byh1 | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2013-2686
|
| VCID-h8nm-exgj-xybc | Multiple vulnerabilities in Asterisk might allow remote attackers to cause a Denial of Service condition, or conduct other attacks. |
CVE-2009-4055
|
| VCID-hj93-7z1r-vkfk | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2022-24763
|
| VCID-huqt-1fv6-67cz | An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is received that contains a tel-uri in the Diversion header. |
CVE-2020-35652
|
| VCID-hvmt-7qk8-wqh1 | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2013-5642
|
| VCID-j3wr-j8e1-tbeq | Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. (dot dot) in the folder parameter. |
CVE-2005-3559
|
| VCID-jez3-sw2r-r3d6 | An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x before 13.13.1 and 14.x before 14.2.1. If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space the code responsible for parsing will recursively call itself until it crashes. This occurs as the code does not properly handle spaces separating the parameters. This does NOT require the endpoint to have Opus configured in Asterisk. This also does not require the endpoint to be authenticated. If guest is enabled for chan_sip or anonymous in chan_pjsip an SDP offer or answer is still processed and the crash occurs. |
CVE-2016-9937
|
| VCID-jwaj-b8n5-bbcx | asterisk 13.10.0 is affected by: denial of service issues in asterisk. The impact is: cause a denial of service (remote). |
CVE-2016-7550
|
| VCID-k1zu-wpsb-wyh3 | A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending specially crafted SCCP packets causing an infinite loop and leading to memory exhaustion (by message logging in that loop). |
CVE-2017-9358
|
| VCID-kby8-5rnd-fffs | Asterisk is vulnerable to Denial of Service in the SIP channel. |
CVE-2007-1306
|
| VCID-kdex-mwf6-13br | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2012-2186
|
| VCID-m27d-dqzg-w7gr | Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI Monitor action. |
CVE-2017-7617
|
| VCID-m3gv-mmcp-t7fz | Asterisk: Remote DoS via specially-crafted FaxMaxDatagram SDP packets (AST-2010-001) |
CVE-2010-0441
|
| VCID-m9wv-atrb-c3ac | The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port. |
CVE-2007-3765
|
| VCID-mcd2-e66p-j3b7 | The SIP channel driver (chan_sip) in Asterisk before 1.2.18 and 1.4.x before 1.4.3 does not properly parse SIP UDP packets that do not contain a valid response code, which allows remote attackers to cause a denial of service (crash). |
CVE-2007-2297
|
| VCID-mcfv-fuk8-cqaq | Multiple vulnerabilities have been found in Asterisk, the worst of which could lead to Denial of Service, bypass intended ACL restrictions or allow an authenticated user to gain escalated privileges. |
CVE-2014-8412
|
| VCID-mmng-tcuj-wkhu | An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk via TCP/TLS, if the client abruptly disconnects, or sends a specially crafted message, then Asterisk gets caught in an infinite loop while trying to read the data stream. This renders the system unusable. |
CVE-2018-12228
|
| VCID-mmqp-yesh-83c1 | Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. |
CVE-2011-2536
|
| VCID-n6mj-v1nc-hke9 | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2022-24793
|
| VCID-nbq8-qr83-qbh7 | Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character. |
CVE-2005-2081
|
| VCID-nf5d-nejq-mkd9 | security update |
CVE-2021-43303
|
| VCID-ngds-k5mh-t3ae | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2022-31031
|
| VCID-nzu7-8h1d-mbbw | The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.8.x before 1.8.7.2 uses different port numbers for responses to invalid requests depending on whether a SIP username exists, which allows remote attackers to enumerate usernames via a series of requests. |
CVE-2011-4597
|
| VCID-p5vz-kq6m-63dd | Multiple vulnerabilities have been found in Asterisk, the worst of which could result in a Denial of Service condition. |
CVE-2018-17281
|
| VCID-p6k6-8gxf-sydp | Multiple vulnerabilities have been found in Asterisk allowing for SQL injection, session hijacking and unauthorized usage. |
CVE-2007-6430
|
| VCID-phb4-xaj7-byg2 | Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/ast_coredumper runs as root, as noted by the NOTES tag on line 689 of the ast_coredumper file. The script will source the contents of /etc/asterisk/ast_debug_tools.conf, which resides in a folder that is writeable by the asterisk user:group. Due to the /etc/asterisk/ast_debug_tools.conf file following bash semantics and it being loaded; an attacker with write permissions may add or modify the file such that when the root ast_coredumper is run; it would source and thereby execute arbitrary bash code found in the /etc/asterisk/ast_debug_tools.conf. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2. |
CVE-2026-23741
|
| VCID-pjwr-x9hp-g7dk | Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an IMAP voicemail storage backend, allows remote attackers to cause a denial of service via an e-mail with an "invalid/corrupted" MIME body, which triggers a crash when the recipient listens to voicemail. |
CVE-2007-4521
|
| VCID-pmte-bc34-pfcv | security update |
CVE-2023-38703
|
| VCID-psbg-wv2x-w7ba | security update |
CVE-2022-23547
|
| VCID-q3py-mykt-4kax | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to arbitrary code execution. |
CVE-2025-49832
|
| VCID-q6w8-pqsz-7ud4 | The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk does not properly generate extensions, which allows remote attackers to execute arbitrary extensions and have an unknown impact by specifying an invalid extension in a certain form. |
CVE-2007-1595
|
| VCID-qcqe-63ev-f7gv | Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.24.3, 20.9.3, and 21.4.3 of Asterisk and versions 18.9-cert12 and 20.7-cert2 of certified-asterisk, if Asterisk attempts to send a SIP request to a URI whose host portion starts with `.1` or `[.1]`, and res_resolver_unbound is loaded, Asterisk will crash with a SEGV. To receive a patch, users should upgrade to one of the following versions: 18.24.3, 20.9.3, 21.4.3, certified-18.9-cert12, certified-20.7-cert2. Two workarounds are available. Disable res_resolver_unbound by setting `noload = res_resolver_unbound.so` in modules.conf, or set `rewrite_contact = yes` on all PJSIP endpoints. NOTE: This may not be appropriate for all Asterisk configurations. |
CVE-2024-42491
|
| VCID-qksp-5hqu-7qad | An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation. |
CVE-2019-7251
|
| VCID-qpwr-bqps-77cc | Multiple vulnerabilities in Asterisk might allow remote attackers to execute arbitrary code. |
CVE-2012-2947
|
| VCID-qsqz-g9fv-6bgg | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2013-2264
|
| VCID-r1sd-avzd-d7gv | Asterisk is vulnerable to the remote execution of arbitrary code or a Denial of Service. |
CVE-2006-5444
|
| VCID-r54j-ydjm-4uca | Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary code via the action_createconfig function. NOTE: this is disputed by the Supplier because the impact is limited to creating empty files outside of the Asterisk product directory (aka directory traversal) and the attack can only be performed by a privileged user who has the ability to manage the configuration. |
CVE-2024-57520
|
| VCID-r6s6-y3q8-vydc | Multiple vulnerabilities have been found in Asterisk, the worst of which allows remote execution of arbitrary shell commands. |
CVE-2017-14099
|
| VCID-r8b9-jcqa-xyb2 | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2020-35776
|
| VCID-rb5h-mvxt-7qhv | security update |
CVE-2015-3008
|
| VCID-rb9n-t857-1uac | Multiple vulnerabilities have been found in Asterisk allowing for SQL injection, session hijacking and unauthorized usage. |
CVE-2008-1332
|
| VCID-re5z-334n-e7a2 | Multiple vulnerabilities have been found in Asterisk allowing for Denial of Service and username disclosure. |
CVE-2008-1897
|
| VCID-rn9b-2scp-byf5 | asterisk: remote DoS on receipt of malformed RTP text frames |
CVE-2009-2651
|
| VCID-rwug-45gf-s3bz | security update |
CVE-2018-7284
|
| VCID-s3p6-93jg-p7c3 | Multiple vulnerabilities have been discovered in Asterisk, the worst of which could allow privileged users to execute arbitrary system shell commands. |
CVE-2014-4046
|
| VCID-s7qt-9z8z-y7bx | Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. |
CVE-2011-2665
|
| VCID-sb1c-cz2g-dycu | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2013-7100
|
| VCID-sqgd-ykvk-2qay | Use-after-free vulnerability in the PJSIP channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1, when using the res_pjsip_refer module, allows remote attackers to cause a denial of service (crash) via an in-dialog INVITE with Replaces message, which triggers the channel to be hung up. |
CVE-2014-8416
|
| VCID-sw4t-1yct-ffbd | Multiple vulnerabilities in Asterisk might allow remote attackers to execute arbitrary code. |
CVE-2012-2948
|
| VCID-tekr-xkck-pkfu | Multiple vulnerabilities in Asterisk might allow remote attackers to cause a Denial of Service condition, or conduct other attacks. |
CVE-2008-7220
|
| VCID-tmja-qaa1-8kex | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to arbitrary code execution. |
CVE-2025-57767
|
| VCID-tqwd-ffwc-mkd1 | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2022-24792
|
| VCID-ttmk-fs9h-hufh | An issue was discovered in res_http_websocket.c in Asterisk 15.x through 15.2.1. If the HTTP server is enabled (default is disabled), WebSocket payloads of size 0 are mishandled (with a busy loop). |
CVE-2018-7287
|
| VCID-tw8d-u845-r3dq | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2022-24754
|
| VCID-tyh4-14zn-63ez | An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. If Asterisk is challenged on an outbound INVITE and the nonce is changed in each response, Asterisk will continually send INVITEs in a loop. This causes Asterisk to consume more and more memory since the transaction will never terminate (even if the call is hung up), ultimately leading to a restart or shutdown of Asterisk. Outbound authentication must be configured on the endpoint for this to occur. |
CVE-2020-28242
|
| VCID-u4gv-ss9p-sqe9 | Multiple vulnerabilities have been found in Asterisk, the worst of which allows remote execution of arbitrary shell commands. |
CVE-2017-14098
|
| VCID-u91b-9huy-43hn | Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, SIP requests of the type MESSAGE (RFC 3428) authentication do not get proper alignment. An authenticated attacker can spoof any user identity to send spam messages to the user with their authorization token. Abuse of this security issue allows authenticated attackers to send fake chat messages can be spoofed to appear to come from trusted entities. Even administrators who follow Security best practices and Security Considerations can be impacted. Therefore, abuse can lead to spam and enable social engineering, phishing and similar attacks. Versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk fix the issue. |
CVE-2025-47779
|
| VCID-u99q-b5ug-jyd5 | Multiple vulnerabilities have been found in Asterisk allowing for Denial of Service and username disclosure. |
CVE-2008-3903
|
| VCID-u9xx-wevm-ufdh | Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. |
CVE-2011-2529
|
| VCID-urhv-6gz3-u7fr | Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. |
CVE-2011-1599
|
| VCID-v7ev-jtsg-cqdg | security update |
CVE-2021-46837
|
| VCID-vwf4-v4ve-4yfh | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2022-39244
|
| VCID-w7ce-jd16-xbbs | Multiple vulnerabilities have been found in Asterisk allowing for SQL injection, session hijacking and unauthorized usage. |
CVE-2007-6170
|
| VCID-w94b-nwsf-wkg3 | The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72630 and 1.4 before revision 65679, when configured to allow unauthenticated calls, sends "early audio" to an unverified source IP address of a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed NEW message. |
CVE-2008-1923
|
| VCID-w9ce-m3x8-n3ak | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2022-24786
|
| VCID-w9e8-ekah-wfg2 | Multiple vulnerabilities have been found in Asterisk, the worst of which could result in a Denial of Service condition. |
CVE-2017-17850
|
| VCID-wbrs-de57-1bd9 | Multiple buffer overflows in Asterisk might allow remote attackers to cause a Denial of Service condition. |
CVE-2014-2289
|
| VCID-wfgw-5dme-yfan | Multiple vulnerabilities have been found in Asterisk. |
CVE-2007-3762
|
| VCID-wsh5-yefr-d7ad | Asterisk is vulnerable to two Denial of Service issues in the SIP channel. |
CVE-2007-1561
|
| VCID-wz3z-sq5y-pbd6 | SQL injection vulnerability in the Postgres Realtime Engine (res_config_pgsql) in Asterisk 1.4.x before 1.4.15 and C.x before C.1.0-beta6 allows remote attackers to execute arbitrary SQL commands via unknown vectors. |
CVE-2007-6171
|
| VCID-x2gp-mft6-1yhy | An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to an outgoing T.38 re-invite. To exploit this vulnerability an attacker must cause the chan_sip module to send a T.38 re-invite request to them. Upon receipt, the attacker must send an SDP answer containing both a T.38 UDPTL stream and another media stream containing only a codec (which is not permitted according to the chan_sip configuration). |
CVE-2019-13161
|
| VCID-xbe4-uvqu-6kf7 | Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0 and earlier allows remote authenticated users to crash Asterisk by sending a specially crafted SIP MESSAGE message. |
CVE-2019-12827
|
| VCID-xcpx-unz5-gqbp | Buffer overflow in DNS SRV and NAPTR lookups in Digium Asterisk 15.x before 15.6.2 and 16.x before 16.0.1 allows remote attackers to crash Asterisk via a specially crafted DNS SRV or NAPTR response, because a buffer size is supposed to match an expanded length but actually matches a compressed length. |
CVE-2018-19278
|
| VCID-xqg6-5cn7-4bct | Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. |
CVE-2011-4063
|
| VCID-xr4a-tmxe-8fcd | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2021-26712
|
| VCID-xt5z-2sgq-4fc4 | Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. |
CVE-2012-5977
|
| VCID-y3vu-z8tx-tubb | An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. This is different from CVE-2019-18940. |
CVE-2019-18976
|
| VCID-y6sx-xqsh-wbcg | Multiple vulnerabilities have been found in PJSIP, the worst of which could result in arbitrary code execution. |
CVE-2022-24764
|
| VCID-ytty-tbs1-ffc7 | Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, user supplied/control values for Cookies and any GET variable query Parameter are directly interpolated into the HTML of the page using ast_str_append. The endpoint at GET /httpstatus is the potential vulnerable endpoint relating to asterisk/main /http.c. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2. |
CVE-2026-23738
|
| VCID-yx1m-ayfg-ryc3 | security update |
CVE-2021-43300
|
| VCID-yyjj-7dwq-nueq | A NULL pointer access issue was discovered in Asterisk 15.x through 15.2.1. The RTP support in Asterisk maintains its own registry of dynamic codecs and desired payload numbers. While an SDP negotiation may result in a codec using a different payload number, these desired ones are still stored internally. When an RTP packet was received, this registry would be consulted if the payload number was not found in the negotiated SDP. This registry was incorrectly consulted for all packets, even those which are dynamic. If the payload number resulted in a codec of a different type than the RTP stream (for example, the payload number resulted in a video codec but the stream carried audio), a crash could occur if no stream of that type had been negotiated. This was due to the code incorrectly assuming that a stream of that type would always exist. |
CVE-2018-7285
|
| VCID-z3fq-m317-ckb8 | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2022-26651
|
| VCID-zabf-adce-sqde | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2022-42705
|
| VCID-zbwp-f5me-jqhu | Multiple buffer overflows in Asterisk might allow remote attackers to cause a Denial of Service condition. |
CVE-2014-2286
|
| VCID-zgqk-kej8-qkhg | A vulnerability in Asterisk could allow a remote attacker to cause a Denial of Service condition. |
CVE-2012-0885
|
| VCID-zkuy-4hqk-vkca | Multiple vulnerabilities have been found in Asterisk allowing for Denial of Service and username disclosure. |
CVE-2008-5558
|
| VCID-zn8s-5jkp-bkbr | The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (crash) by using MD5 authentication to authenticate a user that does not have a password defined in manager.conf, resulting in a NULL pointer dereference. |
CVE-2007-2294
|
| VCID-zr2v-gabj-8kak | asterisk: Two buffer overflows in RTP Codec Payload Handling (AST-2008-002) |
CVE-2008-1289
|
| VCID-ztn6-xpxt-vkhb | SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string. |
CVE-2003-0779
|
| VCID-zv1p-p8tb-dqhm | Multiple vulnerabilities have been discovered in Asterisk, the worst of which can lead to privilege escalation. |
CVE-2021-31878
|
| VCID-zvpn-2gds-9yc4 | Multiple vulnerabilities in Asterisk might allow remote attackers to cause a Denial of Service condition, or conduct other attacks. |
CVE-2009-2346
|
| VCID-zvwt-wp8r-1qhx | Multiple vulnerabilities have been found in Asterisk, the worst of which could result in a Denial of Service condition. |
CVE-2017-16672
|
| VCID-zxkf-88k3-3qcn | security update |
CVE-2021-43302
|
| VCID-zzpx-gwmv-sfbz | An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chan_sip channel driver has a liberal definition for whitespace when attempting to strip the content between a SIP header name and a colon character. Rather than following RFC 3261 and stripping only spaces and horizontal tabs, Asterisk treats any non-printable ASCII character as if it were whitespace. This means that headers such as Contact\x01: will be seen as a valid Contact header. This mostly does not pose a problem until Asterisk is placed in tandem with an authenticating SIP proxy. In such a case, a crafty combination of valid and invalid To headers can cause a proxy to allow an INVITE request into Asterisk without authentication since it believes the request is an in-dialog request. However, because of the bug described above, the request will look like an out-of-dialog request to Asterisk. Asterisk will then process the request as a new call. The result is that Asterisk can process calls from unvetted sources without any authentication. If you do not use a proxy for authentication, then this issue does not affect you. If your proxy is dialog-aware (meaning that the proxy keeps track of what dialogs are currently valid), then this issue does not affect you. If you use chan_pjsip instead of chan_sip, then this issue does not affect you. |
CVE-2016-9938
|