The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Asterisk Open Source

Asterisk: denial of service via T.38 SDP Re-invite
An attacker can trigger a fatal error via T.38 SDP Re-invite of Asterisk, in order to trigger a denial of service...
AST-2019-008, CERTFR-2019-AVI-587, CVE-2019-18976, VIGILANCE-VUL-30937
Asterisk: privilege escalation via AMI Originate Request
An attacker can bypass restrictions via AMI Originate Request of Asterisk, in order to escalate his privileges...
AST-2019-007, CERTFR-2019-AVI-587, CVE-2019-18610, DLA-2017-1, DLA-2017-2, VIGILANCE-VUL-30936
Asterisk: information disclosure via SIP Peer IP Address Change
An attacker can bypass access restrictions to data via SIP Peer IP Address Change of Asterisk, in order to obtain sensitive information...
AST-2019-006, CERTFR-2019-AVI-587, CVE-2019-18790, DLA-2017-1, DLA-2017-2, VIGILANCE-VUL-30935
Asterisk: two vulnerabilities
An attacker can use several vulnerabilities of Asterisk...
AST-2019-004, AST-2019-005, CVE-2019-15297, CVE-2019-15639, VIGILANCE-VUL-30260
Asterisk: denial of service via chan_sip
An attacker can trigger a fatal error via chan_sip of Asterisk, in order to trigger a denial of service...
AST-2019-003, CERTFR-2019-AVI-329, CVE-2019-13161, DLA-2017-1, DLA-2017-2, VIGILANCE-VUL-29754
Asterisk: denial of service via MESSAGE
An attacker can trigger a fatal error via MESSAGE of Asterisk, in order to trigger a denial of service...
AST-2019-002, CERTFR-2019-AVI-329, CVE-2019-12827, VIGILANCE-VUL-29753
Asterisk: denial of service via SDP
An attacker can trigger a fatal error via SDP of Asterisk, in order to trigger a denial of service...
AST-2019-001, CERTFR-2019-AVI-085, CVE-2019-7251, VIGILANCE-VUL-28628
Asterisk: denial of service via DNS-SRV/NAPTR Lookups
An attacker can generate a fatal error via DNS-SRV/NAPTR Lookups of Asterisk, in order to trigger a denial of service...
AST-2018-010, CERTFR-2018-AVI-556, CVE-2018-19278, VIGILANCE-VUL-27791
Asterisk: denial of service via res_http_websocket.so
An attacker can generate a fatal error via res_http_websocket.so of Asterisk, in order to trigger a denial of service...
AST-2018-009, CERTFR-2018-AVI-452, CVE-2018-17281, DLA-1523-1, DSA-4320-1, VIGILANCE-VUL-27278
Asterisk: information disclosure via PJSIP Endpoint Presence
An attacker can bypass access restrictions to data via PJSIP Endpoint Presence of Asterisk, in order to obtain sensitive information...
AST-2018-008, CERTFR-2018-AVI-276, CVE-2018-12227, DSA-4320-1, VIGILANCE-VUL-26373
Our database contains other pages. You can request a free trial to read them.

Display information about Asterisk Open Source: