Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Asterisk
(Digium)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 114 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-11-16 | CVE-2005-3559 | Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. (dot dot) in the folder parameter. | Asterisk | N/A | ||
| 2005-07-05 | CVE-2005-2081 | Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character. | Asterisk | N/A | ||
| 2003-09-22 | CVE-2003-0779 | SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string. | Asterisk | N/A | ||
| 2003-09-17 | CVE-2003-0761 | Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests. | Asterisk | N/A |