VulnerableCode Vulnerability Details

System	Score	Found at
epss	0.01331	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.01367	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.0769	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.0769	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.0769	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.0769	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.0769	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.0769	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.0769	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.0769	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.0769	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.0769	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.0769	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.0769	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08543	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.08941	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.12316	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.12316	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.12316	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.12316	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.12316	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.12316	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.12316	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.12316	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.12316	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
epss	0.12316	https://api.first.org/data/v1/epss?cve=CVE-2008-2119
cvssv2	4.3	https://nvd.nist.gov/vuln/detail/CVE-2008-2119

Data source	Exploit-DB
Date added	June 4, 2008
Description	Asterisk 1.2.x - SIP channel driver / in pedantic mode Remote Crash
Ransomware campaign use	Known
Source publication date	June 5, 2008
Exploit type	dos
Platform	multiple
Source update date	Dec. 5, 2016

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2008-2119

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vulnerability ID	VCID-5x78-uush-aaad
Aliases	CVE-2008-2119
Summary	Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing (aka pedanticsipchecking) is enabled, allows remote attackers to cause a denial of service (daemon crash) via a SIP INVITE message that lacks a From header, related to invocations of the ast_uri_decode function, and improper handling of (1) an empty const string and (2) a NULL pointer.
Status	Published
Exploitability	2.0
Weighted Severity	3.9
Risk	7.8
Affected and Fixed Packages	Package Details

Percentile	0.86443
EPSS Score	0.01331
Published At	Nov. 1, 2024, midnight

Reference id	Reference type	URL
		http://bugs.digium.com/view.php?id=12607
		http://downloads.digium.com/pub/security/AST-2008-008.html
		https://api.first.org/data/v1/epss?cve=CVE-2008-2119
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2119
		http://secunia.com/advisories/30517
		http://secunia.com/advisories/34982
		http://security.gentoo.org/glsa/glsa-200905-01.xml
		https://exchange.xforce.ibmcloud.com/vulnerabilities/42823
		http://svn.digium.com/view/asterisk?view=rev&revision=120109
		https://www.exploit-db.com/exploits/5749
		http://www.securityfocus.com/archive/1/493020/100/0/threaded
		http://www.securitytracker.com/id?1020166
		http://www.vupen.com/english/advisories/2008/1731
cpe:2.3:a:asterisk:asterisk_business_edition::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition::::::::
cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.2:::::::*
cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.3:::::::*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.0:::::::*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.1:::::::*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.1:::::::*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.2:::::::*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.3:::::::*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.4:::::::*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.0:::::::*
cpe:2.3:a:asterisk:asterisk_business_edition:b2.5.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b2.5.1:::::::*
cpe:2.3:a:asterisk:open_source::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source::::::::
cpe:2.3:a:asterisk:open_source:1.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0:::::::*
cpe:2.3:a:asterisk:open_source:1.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.0:::::::*
cpe:2.3:a:asterisk:open_source:1.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.1:::::::*
cpe:2.3:a:asterisk:open_source:1.0.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.11:::::::*
cpe:2.3:a:asterisk:open_source:1.0.11.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.11.1:::::::*
cpe:2.3:a:asterisk:open_source:1.0.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.12:::::::*
cpe:2.3:a:asterisk:open_source:1.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.2:::::::*
cpe:2.3:a:asterisk:open_source:1.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.3:::::::*
cpe:2.3:a:asterisk:open_source:1.0.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.4:::::::*
cpe:2.3:a:asterisk:open_source:1.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.5:::::::*
cpe:2.3:a:asterisk:open_source:1.0.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.6:::::::*
cpe:2.3:a:asterisk:open_source:1.0.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.7:::::::*
cpe:2.3:a:asterisk:open_source:1.0.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.8:::::::*
cpe:2.3:a:asterisk:open_source:1.0.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.0.9:::::::*
cpe:2.3:a:asterisk:open_source:1.2.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.0:::::::*
cpe:2.3:a:asterisk:open_source:1.2.0beta1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.0beta1:::::::*
cpe:2.3:a:asterisk:open_source:1.2.0beta2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.0beta2:::::::*
cpe:2.3:a:asterisk:open_source:1.2.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.1:::::::*
cpe:2.3:a:asterisk:open_source:1.2.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.10:::::::*
cpe:2.3:a:asterisk:open_source:1.2.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.11:::::::*
cpe:2.3:a:asterisk:open_source:1.2.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.12:::::::*
cpe:2.3:a:asterisk:open_source:1.2.12.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.12.1:::::::*
cpe:2.3:a:asterisk:open_source:1.2.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.13:::::::*
cpe:2.3:a:asterisk:open_source:1.2.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.14:::::::*
cpe:2.3:a:asterisk:open_source:1.2.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.15:::::::*
cpe:2.3:a:asterisk:open_source:1.2.16:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.16:::::::*
cpe:2.3:a:asterisk:open_source:1.2.17:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.17:::::::*
cpe:2.3:a:asterisk:open_source:1.2.18:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.18:::::::*
cpe:2.3:a:asterisk:open_source:1.2.19:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.19:::::::*
cpe:2.3:a:asterisk:open_source:1.2.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.2:::::::*
cpe:2.3:a:asterisk:open_source:1.2.20:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.20:::::::*
cpe:2.3:a:asterisk:open_source:1.2.21:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.21:::::::*
cpe:2.3:a:asterisk:open_source:1.2.21.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.21.1:::::::*
cpe:2.3:a:asterisk:open_source:1.2.22:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.22:::::::*
cpe:2.3:a:asterisk:open_source:1.2.23:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.23:::::::*
cpe:2.3:a:asterisk:open_source:1.2.24:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.24:::::::*
cpe:2.3:a:asterisk:open_source:1.2.25:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.25:::::::*
cpe:2.3:a:asterisk:open_source:1.2.26:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.26:::::::*
cpe:2.3:a:asterisk:open_source:1.2.26.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.26.1:::::::*
cpe:2.3:a:asterisk:open_source:1.2.26.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.26.2:::::::*
cpe:2.3:a:asterisk:open_source:1.2.27:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.27:::::::*
CVE-2008-2119		https://nvd.nist.gov/vuln/detail/CVE-2008-2119
GLSA-200905-01		https://security.gentoo.org/glsa/200905-01
OSVDB-46014;CVE-2008-2119	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/5749.pl