{ "id": "CVE-2009-2726", "sourceIdentifier": "cve@mitre.org", "published": "2009-08-12T10:30:01.110", "lastModified": "2018-10-10T19:42:05.157", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, 1.4.x before 1.4.26.1, 1.6.0.x before 1.6.0.12, and 1.6.1.x before 1.6.1.4; Asterisk Business Edition A.x.x, B.x.x before B.2.5.9, C.2.x before C.2.4.1, and C.3.x before C.3.1; and Asterisk Appliance s800i 1.2.x before 1.3.0.3 does not use a maximum width when invoking sscanf style functions, which allows remote attackers to cause a denial of service (stack memory consumption) via SIP packets containing large sequences of ASCII decimal characters, as demonstrated via vectors related to (1) the CSeq value in a SIP header, (2) large Content-Length value, and (3) SDP." }, { "lang": "es", "value": "El driver SIP channel en Asterisk Open Source v1.2.x anterior a v1.2.34, v1.4.x anterior a v1.4.26.1, v1.6.0.x anterior a v1.6.0.12, y v1.6.1.x anterior a v1.6.1.4; Asterisk Business Edition vA.x.x, vB.x.x anterior a vB.2.5.9, vC.2.x anterior a vC.2.4.1, y vC.3.x anterior a vC.3.1; y Asterisk Appliance s800i v1.2.x anterior a v1.3.0.3, no utiliza el ancho m\u00e1ximo cuando se invocan las funciones de estilo sscanf, lo que permite a atacantes remotos producir una denegaci\u00f3n de servicio (agotamiento de la pila de memoria) a trav\u00e9s de paquetes SIP que contienen secuencias largas de caracteres ASCII decimales, como se demostr\u00f3 a trav\u00e9s de vectores relacionados con (1) el valor CSeq en una cabecera SIP, (2) valores Content-Length, y (3) SDP." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-399" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:business_edition:b.1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "8086337E-5020-43E7-9BAB-62AA22A354AA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:business_edition:c.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "30C6D2DE-1F8F-4319-B254-D35E71083220" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:business_edition:c.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "17D78AA8-AF67-4343-A9B0-EFC63D8CC4BC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9F7971E1-F136-4ADC-95EC-BC4F92E838CF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "E62D108C-862D-4BDB-BE37-285AA4C9C59A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "CF1422F3-829D-498C-83A6-02989DFB70A7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "CBEB9D69-A404-4053-92F9-CAC3481AFF1B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "E816CCDB-4169-4F09-AE87-E467F4BE7685" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "27202966-2C41-4964-9497-1887D2A834C0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "1471B5A2-15BE-4E7C-BA49-2E6002F7C8EC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.2:netsec:*:*:*:*:*:*", "matchCriteriaId": "65223182-1675-462C-AF67-4A48760A63F5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7108D72F-5AFD-4EEF-B2A9-CA4FA792E193" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.3:netsec:*:*:*:*:*:*", "matchCriteriaId": "DC7EB4CD-6436-4E0B-A620-9DF2AC8A3C66" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "107DA2D8-FE7C-4B70-856D-43D58B988694" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.4:netsec:*:*:*:*:*:*", "matchCriteriaId": "02D5E6DF-7C9C-479F-986B-D5C8A144ACB8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "ABD71DD9-8A15-45E2-9FB3-F0544D7E1B80" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.5:netsec:*:*:*:*:*:*", "matchCriteriaId": "68AF6200-1385-449F-A00E-2BACEE16450B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "5C14614F-4E27-40A6-9E56-2B1DBB10330B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.6:netsec:*:*:*:*:*:*", "matchCriteriaId": "61C0769F-6739-41D2-ADD8-924AC04C5F28" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "7A2F2F5A-66FD-4057-917C-66332A88D83E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.7:netsec:*:*:*:*:*:*", "matchCriteriaId": "8EF13987-5767-4FED-9584-63D74B0A30A1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "399B0206-B48B-46EF-8CA6-A6E5A2550B25" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.7.1:netsec:*:*:*:*:*:*", "matchCriteriaId": "C57C1324-E11A-4B2B-9722-A4A63AEF0497" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "26E9760F-C0EB-47BB-8DA4-CC7815099DAF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.8:netsec:*:*:*:*:*:*", "matchCriteriaId": "EE6D9718-D57D-48F6-A2B1-CECAFFCDDFB8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BD915CD-A7D3-4305-A6C0-290C648A226C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.9.1:netsec:*:*:*:*:*:*", "matchCriteriaId": "3249AB40-2058-42E9-9A33-64E434E5BB64" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "9E79CCE5-C29B-4726-8D2F-BC20F70959BA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.10:netsec:*:*:*:*:*:*", "matchCriteriaId": "0CF6584D-A7BB-4BD5-8232-9293FEE4A971" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "F29C13DB-6F04-4B41-90A2-2408D70F3641" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.11:netsec:*:*:*:*:*:*", "matchCriteriaId": "174D6B56-7D0F-46F0-849A-FD05CB348FAC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "0F4F734E-0E78-4957-B323-8E9FBA7FF15C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.12:netsec:*:*:*:*:*:*", "matchCriteriaId": "938F545A-F8A7-455E-8E5A-2B5454B6CE53" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "1A4B117B-E945-4033-A79D-10DFAA3DF18B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.12.1:netsec:*:*:*:*:*:*", "matchCriteriaId": "E7C0897A-C841-4AAB-A6B3-1FCF7A99A60A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:*:*:*:*:*:*:*", "matchCriteriaId": "EA6D866F-8189-4FFD-AA24-47C0A015C246" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.13:netsec:*:*:*:*:*:*", "matchCriteriaId": "B2BAA1B3-7DD3-4248-915D-2BCC0ACFA2C2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.14:netsec:*:*:*:*:*:*", "matchCriteriaId": "21612C17-7368-4108-B55B-5AB5CA6733E4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "E9E1028E-2C07-4BA3-B891-FA853A87B280" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.15:netsec:*:*:*:*:*:*", "matchCriteriaId": "8A0D57D7-15AD-4CDF-A5A7-AB83F8E6154E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:*:*:*:*:*:*:*", "matchCriteriaId": "9E74F577-70BD-4FAF-BCFD-10CD21FC5601" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.16:netsec:*:*:*:*:*:*", "matchCriteriaId": "06DB25C8-4EA5-465F-8EFA-BCA8D40F1795" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:*:*:*:*:*:*:*", "matchCriteriaId": "57BB03E2-E61C-4A94-82DF-8720698CE271" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.17:netsec:*:*:*:*:*:*", "matchCriteriaId": "A149F8C2-3DA5-44B2-A288-3482F3975824" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "1B30A36F-5CE6-4246-8752-176FB5999C1A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.18:netsec:*:*:*:*:*:*", "matchCriteriaId": "9462B320-B69D-409D-8DCC-D8D6CA1A757D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:*:*:*:*:*:*:*", "matchCriteriaId": "E0F76DFD-4DAC-4B02-8967-B242CDEEF6C9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.19:netsec:*:*:*:*:*:*", "matchCriteriaId": "ECCCBAE9-8FD4-43F0-9EF8-56E9BBA3D8C4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:*:*:*:*:*:*:*", "matchCriteriaId": "6A59BC20-3217-4584-9196-D1CD9E0D6B52" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.20:netsec:*:*:*:*:*:*", "matchCriteriaId": "BEA0014A-659B-4533-A393-6D4ADC80EB0E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:*:*:*:*:*:*:*", "matchCriteriaId": "56F728BA-FC9E-4EEE-9A08-C9C7433BD8D9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.21:netsec:*:*:*:*:*:*", "matchCriteriaId": "8F1621F9-7C84-4CF0-BBCD-CEAEE8683BAA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C64DF29-5B3D-401E-885E-8E37FD577254" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.21.1:netsec:*:*:*:*:*:*", "matchCriteriaId": "346C9F65-B5FB-4A75-8E1B-137112F270D2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:*:*:*:*:*:*:*", "matchCriteriaId": "1A7BF52A-2FF8-40ED-B757-28A1101DE8F5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.22:netsec:*:*:*:*:*:*", "matchCriteriaId": "7EFEE380-0C64-4413-AF3A-45ABC8833500" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:*:*:*:*:*:*:*", "matchCriteriaId": "7A321C2D-852B-4498-ADD6-79956410AB94" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.23:netsec:*:*:*:*:*:*", "matchCriteriaId": "8CA18FC6-1480-400E-A885-8CDAE45AA7A8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:*:*:*:*:*:*:*", "matchCriteriaId": "9D5F0DCF-C6A2-4A09-90C9-D70F174FDEF5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.24:netsec:*:*:*:*:*:*", "matchCriteriaId": "93741261-378B-4C02-8D68-0E5F39128375" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:*:*:*:*:*:*:*", "matchCriteriaId": "C820538E-14EC-43C1-80DB-6AAE4905EF0B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.25:netsec:*:*:*:*:*:*", "matchCriteriaId": "07CF9DD6-B624-49F0-A8E4-7EBCE7932BEE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:*:*:*:*:*:*:*", "matchCriteriaId": "E9562112-2505-4F78-86DE-F30EFAEE47D5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:netsec:*:*:*:*:*:*", "matchCriteriaId": "9EEA1E9C-C1FB-4EFD-86EA-DCF78C57FC35" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:*:*:*:*:*:*:*", "matchCriteriaId": "1A6D8FD0-C8C1-4868-9AF1-96B1949C18AE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:netsec:*:*:*:*:*:*", "matchCriteriaId": "5E20FAF7-9031-478E-A89C-D6FB3B5FDE3A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:*:*:*:*:*:*:*", "matchCriteriaId": "72A840B4-216B-4063-997F-791FBC8C8658" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:netsec:*:*:*:*:*:*", "matchCriteriaId": "72375576-F857-4585-A677-A326D89A65B5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.27:*:*:*:*:*:*:*", "matchCriteriaId": "BE47A547-26E7-48F9-B0A6-2F65E04A1EDE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.28:*:*:*:*:*:*:*", "matchCriteriaId": "E1AEB744-FCF2-4A41-8866-9D1D20E6C6B8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.29:*:*:*:*:*:*:*", "matchCriteriaId": "51E5EB34-30AD-4E81-8BD4-4AB905E52B82" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.30:*:*:*:*:*:*:*", "matchCriteriaId": "4359322B-08D0-4710-A9C3-54BD4A17B800" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.30.2:*:*:*:*:*:*:*", "matchCriteriaId": "78F84DF4-DBA7-430C-AF17-F52024EF80D7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.30.3:*:*:*:*:*:*:*", "matchCriteriaId": "34266614-3588-485C-A609-37823F8499AC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.2.30.4:*:*:*:*:*:*:*", "matchCriteriaId": "DD299B8E-D912-4B67-85C3-79CFF4C4F3E6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "967DF432-DEF4-4FA2-8C8D-19A7FB663A33" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "40850BF4-E252-4667-9B46-9B6FEF6E997D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "1BB01DD1-B29B-4210-88CC-9ADB3148A410" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "5C0FA6A3-BFA9-4397-B75B-75C8357C36B2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "295D4042-2D3C-481B-B969-2DDAC1161198" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "99E9EE2A-56AD-42BC-8CB0-D34091849B0E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "96877A3E-B54B-4F31-B281-76CDC98B2D02" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "6D0B4503-42A6-4D88-954E-A662E91EC204" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4B73813-BCD8-429E-B9B9-D6665E026BC5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "5BBA3ECC-4F40-41CD-A6D7-BBD680DDBACC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "9CBE2156-AF86-4C72-B33D-3FF83930F828" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "61408884-FBBF-4D94-A552-F99AB46DCED6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "4A527277-D97D-4B74-906F-7481BDBD96D6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "D8B57A32-7B83-4783-A244-C26301970444" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "044FD0D0-FC92-4A01-B0D4-11A703EF21FD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3477EC1A-9634-492C-B052-35770A9C9F4C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "1C90F104-FA2C-4091-B149-1774AC982C0F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "C9328768-7C08-4143-B5F8-F5C2D735D21A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "6C04E2B3-094B-4828-A2FC-BB66244A9F73" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "4BDE3D31-4BB2-45A3-B085-8C91152A3152" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "CE0107D4-395E-45F1-B963-7618CCC007D1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "53B8E11B-4984-45A8-A107-D276205988B0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "2495DB98-F923-4E60-86EC-2DBB7A98C90C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.1:*:*:*:*:*:*:*", "matchCriteriaId": "E186D125-996E-4900-A2B8-5CDC8B5D5136" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.16.2:*:*:*:*:*:*:*", "matchCriteriaId": "27DC6CF7-4DF8-4472-A684-8CCB5E26FCFD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "88576385-EF03-408B-9775-B52E6AFFE48A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.18:*:*:*:*:*:*:*", "matchCriteriaId": "1A838577-2BA1-4792-8B69-6FB07FFD7727" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.18.1:*:*:*:*:*:*:*", "matchCriteriaId": "CDEED3E1-13E0-46E6-8AAB-D24D2D04AE4F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:*:*:*:*:*:*:*", "matchCriteriaId": "ED2BF36F-CF10-4F24-970B-3D0BB7561C81" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc-2:*:*:*:*:*:*", "matchCriteriaId": "D35DD57B-EF77-4C5F-9B44-DAF5E0560E22" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "BFC1BB05-15C6-4829-86EB-5B1BFA4B5B17" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc2:*:*:*:*:*:*", "matchCriteriaId": "AB77E88B-7233-4979-914E-24E671C1FB23" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc3:*:*:*:*:*:*", "matchCriteriaId": "C4FF0F09-0268-480F-A2F3-6F8C3F323EEB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.19:rc4:*:*:*:*:*:*", "matchCriteriaId": "1CCF9CAE-674A-4833-9D5C-FCBD865BE9F6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.19.1:*:*:*:*:*:*:*", "matchCriteriaId": "FB1593E1-BF21-4DB9-A18E-9F221F3F9022" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.19.2:*:*:*:*:*:*:*", "matchCriteriaId": "EC8E9FE3-FA25-4054-876E-4A3CE6E71AFF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.19_rc3:*:*:*:*:*:*:*", "matchCriteriaId": "2D41604A-21CB-4EF3-85E8-8CD170C8013F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.20:*:*:*:*:*:*:*", "matchCriteriaId": "4BBAEADC-D1DE-46EF-808C-2F6D2A74D988" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.20:rc1:*:*:*:*:*:*", "matchCriteriaId": "AEF8EB4B-2947-4BD3-ADF3-345AEFE85B05" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.20:rc2:*:*:*:*:*:*", "matchCriteriaId": "E4476FB3-A759-49F5-ABDE-6D2A321B61BF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.20:rc3:*:*:*:*:*:*", "matchCriteriaId": "DFC109C3-2F52-48BE-B07E-3D65F31C1012" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.21:*:*:*:*:*:*:*", "matchCriteriaId": "E54101A9-3967-4111-8A03-DA1BB23141BE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.21:rc1:*:*:*:*:*:*", "matchCriteriaId": "D8B00600-1D45-41F7-9A10-97FB39012FDF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.21:rc2:*:*:*:*:*:*", "matchCriteriaId": "D8CB2331-0F95-45E0-AF5B-0B9C74C5BA88" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.21.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4ADB6A7-76AC-4AE3-B1AA-9F8DFA635418" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.21.2:*:*:*:*:*:*:*", "matchCriteriaId": "776BC35C-CF37-4F4E-9FD5-EC351D4C2C2D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.22:*:*:*:*:*:*:*", "matchCriteriaId": "F10DAABC-FF06-44FB-98EC-B6AD17C03FBC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.22:rc3:*:*:*:*:*:*", "matchCriteriaId": "ACA8AFD5-4C7C-4876-93CA-C5B3E881C455" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.22:rc4:*:*:*:*:*:*", "matchCriteriaId": "547EEB2B-2ECA-4B00-83BB-CFAA11BE0145" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.22.1:*:*:*:*:*:*:*", "matchCriteriaId": "83829E0F-C24B-4BD6-88EA-98898A9AD86E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.22.2:*:*:*:*:*:*:*", "matchCriteriaId": "D4C19141-823E-4057-A699-FD1DFF92DF38" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.23:*:*:*:*:*:*:*", "matchCriteriaId": "ECE7FE41-E749-49B8-99DF-19F9E7C4827A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.23:rc1:*:*:*:*:*:*", "matchCriteriaId": "4E78234B-39B6-4DB4-A10F-AA55F174D4F3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.23:rc2:*:*:*:*:*:*", "matchCriteriaId": "3984CF42-2431-4661-B333-C6721DF7123A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4.23:rc3:*:*:*:*:*:*", "matchCriteriaId": "303CBFC2-22C1-47CE-A26C-A99B05763374" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.4beta:*:*:*:*:*:*:*", "matchCriteriaId": "2A8012CE-4D4B-4131-87E7-16D7907E3BB3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "D4F88914-6097-4AF1-8337-DCF062EB88AE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "8BDB49DC-5344-451E-B8D6-D02C3431CE78" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "B1FDA8D3-5082-479B-BA0A-F1E83D750B5F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "7305910F-42BA-44CE-A7AC-B6F74200B68D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "B93EB4D6-3375-44BC-870F-714A3BC00C2B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta7:*:*:*:*:*:*", "matchCriteriaId": "52F60D6E-64EB-4223-8A79-595693B444C3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta7.1:*:*:*:*:*:*", "matchCriteriaId": "37CF29B9-4397-4298-9326-0443E666CDC8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta8:*:*:*:*:*:*", "matchCriteriaId": "7D85DA34-A977-4A82-8E79-7BFE064DE9EE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:beta9:*:*:*:*:*:*", "matchCriteriaId": "1476EF7B-A6F8-4B10-AF0F-986EA6BA3116" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "98E222F0-4CAA-4247-A00D-C6CEC2E55198" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "63744245-6126-47F6-B9F5-E936538140C7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0:rc6:*:*:*:*:*:*", "matchCriteriaId": "C8805BEE-A4CF-45C2-B948-F1E8EF0A0886" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "4E474C33-B42A-4BB8-AC57-8A9071316240" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B83B3132-7D78-4AC3-B83A-A6A20AA28993" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0147FCED-AE75-4945-B76E-33F2AA764B9B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.0.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "9C976AB0-2D1A-40CA-AEC3-E271B59B6960" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:open_source:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "6613838D-452D-45B4-814D-102C0C86C31E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:opensource:1.4.22:*:*:*:*:*:*:*", "matchCriteriaId": "9E5BFF9D-13AD-4278-9600-F51E79747438" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:opensource:1.4.23:*:*:*:*:*:*:*", "matchCriteriaId": "8FFFD837-E531-458C-AC94-25B378E62000" }, { "vulnerable": true, "criteria": "cpe:2.3:a:asterisk:opensource:1.4.23.1:*:*:*:*:*:*:*", "matchCriteriaId": "154A2A5F-8431-4E4F-B1E5-070C3BD0B591" }, { "vulnerable": true, "criteria": "cpe:2.3:h:asterisk:appliance_s800i:1.3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B08893AA-F51D-44CA-97C1-8E7E5A7A7F54" } ] } ] } ], "references": [ { "url": "http://downloads.digium.com/pub/security/AST-2009-005.html", "source": "cve@mitre.org" }, { "url": "http://labs.mudynamics.com/advisories/MU-200908-01.txt", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/505669/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/36015", "source": "cve@mitre.org", "tags": [ "Exploit" ] }, { "url": "http://www.securitytracker.com/id?1022705", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2009/2229", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] } ] }