2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2005-3559" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2005-11-16T07:42:00.000" ,
2024-11-22 01:07:11 +00:00
"lastModified" : "2024-11-21T00:02:10.953" ,
2023-04-24 12:24:31 +02:00
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. (dot dot) in the folder parameter."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N" ,
2024-11-22 01:07:11 +00:00
"baseScore" : 5.0 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "NONE" ,
2024-11-22 01:07:11 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-Other"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "864D95C2-9B1B-4EB4-82CD-3BA5E063FEED"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D0FB4B52-69CA-45DA-AE22-E6667E8B98FA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BD8FF789-3B09-4974-B62F-CCD7F5AA2BC4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F4FA92F7-46BB-444C-ADAB-4B550CD0B69C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A003A2C3-1C4F-4A76-BABE-C55A761E3321"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A063E6CD-16F8-42E0-A9A2-4D33C10F7EF2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6EBC7FE3-D810-487C-8FD3-27B8729DCA41"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8C08E661-23D9-437F-844F-6BE8183CF3CA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1D030C12-C2C6-4714-B776-2EF7ECF1A591"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CE5A8210-2E7C-465C-9751-CB362AADC224"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F9DBCFB5-65BF-46FE-AC19-2557B6C0BD01"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.11:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "99C185C9-9592-43A1-9811-80E16032F396"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.1.12:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5BD696CD-3B63-4C8B-966E-EE00F44CA44C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.2.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BE096C63-221B-4746-B8B6-9314C4CD6FFE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.3.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "24CE1C95-D4C7-4662-AD0D-5219335BAF40"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.4.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9149505F-D47B-40C3-93EB-A3C647A1AC9F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.5.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "94FC8F82-D648-4127-9914-27414358AC33"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0CCCA63B-AB59-4827-BD6F-4AF0155151F5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.7.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "16FC9C13-ADDD-4F09-B977-EE0DEF598B1B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:0.7.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2C20296F-F70A-4D3C-A062-B6054617841C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.0.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E9A92B4D-16A7-4D99-8F3A-2E5D3B12C86B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.0.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "16783925-8EC5-431F-90B5-93B16DCC10B7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.0.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9C59AF9E-FEC7-44AB-B392-49DB11BAEB0D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.0.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "325C4452-6541-46F6-A86C-6D6987583FB1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.0.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5424B5B4-99B3-4695-8E0D-7E8DC8B88C3B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.0.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "62BDF9F0-1AFD-47E6-9054-A9FC6D422DD4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.0.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5A8D2125-019A-4B73-9E1A-98E745148803"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.0.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "46C60C04-EF59-4F5C-96E5-A6E693EA9A06"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.0.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3636BB44-DF4D-40AB-8EBB-1EC5D911E4A2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.0.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B3B3C254-29D9-4911-89A9-AC0CD9EB13F0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.0_rc1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E49F2D76-DC82-4289-8891-4982795D896A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.0_rc2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "203237E0-BB44-42D0-B65B-CBDAAA68A1BF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:digium:asterisk:1.2.0_beta1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4042CC21-F3CB-4C77-9E60-AF8AA9A191C7"
}
]
}
]
}
] ,
"references" : [
2024-04-04 08:46:00 +00:00
{
"url" : "http://osvdb.org/20577" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://secunia.com/advisories/17459" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/advisories/19872" ,
"source" : "cve@mitre.org"
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://securitytracker.com/id?1015164" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.assurance.com.au/advisories/200511-asterisk.txt" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Exploit" ,
"Vendor Advisory"
]
} ,
{
"url" : "http://www.debian.org/security/2006/dsa-1048" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/415990/30/0/threaded" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.securityfocus.com/bid/15336" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2005/2346" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23002" ,
"source" : "cve@mitre.org"
2024-11-22 01:07:11 +00:00
} ,
{
"url" : "http://osvdb.org/20577" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://secunia.com/advisories/17459" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://secunia.com/advisories/19872" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://securitytracker.com/id?1015164" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.assurance.com.au/advisories/200511-asterisk.txt" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Vendor Advisory"
]
} ,
{
"url" : "http://www.debian.org/security/2006/dsa-1048" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securityfocus.com/archive/1/415990/30/0/threaded" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securityfocus.com/bid/15336" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.vupen.com/english/advisories/2005/2346" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23002" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
2023-04-24 12:24:31 +02:00
}
]
}
