The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Asterisk Open Source

Asterisk: denial of service via T.38 SDP Re-invite
An attacker can trigger a fatal error via T.38 SDP Re-invite of Asterisk, in order to trigger a denial of service...
AST-2019-008, CERTFR-2019-AVI-587, CVE-2019-18976, VIGILANCE-VUL-30937
Asterisk: privilege escalation via AMI Originate Request
An attacker can bypass restrictions via AMI Originate Request of Asterisk, in order to escalate his privileges...
AST-2019-007, CERTFR-2019-AVI-587, CVE-2019-18610, DLA-2017-1, DLA-2017-2, VIGILANCE-VUL-30936
Asterisk: two vulnerabilities
An attacker can use several vulnerabilities of Asterisk...
AST-2019-004, AST-2019-005, CVE-2019-15297, CVE-2019-15639, VIGILANCE-VUL-30260
Asterisk: denial of service via chan_sip
An attacker can trigger a fatal error via chan_sip of Asterisk, in order to trigger a denial of service...
AST-2019-003, CERTFR-2019-AVI-329, CVE-2019-13161, DLA-2017-1, DLA-2017-2, VIGILANCE-VUL-29754
Asterisk: denial of service via MESSAGE
An attacker can trigger a fatal error via MESSAGE of Asterisk, in order to trigger a denial of service...
AST-2019-002, CERTFR-2019-AVI-329, CVE-2019-12827, VIGILANCE-VUL-29753
Asterisk: denial of service via SDP
An attacker can trigger a fatal error via SDP of Asterisk, in order to trigger a denial of service...
AST-2019-001, CERTFR-2019-AVI-085, CVE-2019-7251, VIGILANCE-VUL-28628
Asterisk: denial of service via DNS-SRV/NAPTR Lookups
An attacker can generate a fatal error via DNS-SRV/NAPTR Lookups of Asterisk, in order to trigger a denial of service...
AST-2018-010, CERTFR-2018-AVI-556, CVE-2018-19278, VIGILANCE-VUL-27791
Asterisk: denial of service via res_http_websocket.so
An attacker can generate a fatal error via res_http_websocket.so of Asterisk, in order to trigger a denial of service...
AST-2018-009, CERTFR-2018-AVI-452, CVE-2018-17281, DLA-1523-1, DSA-4320-1, VIGILANCE-VUL-27278
Asterisk: information disclosure via PJSIP Endpoint Presence
An attacker can bypass access restrictions to data via PJSIP Endpoint Presence of Asterisk, in order to obtain sensitive information...
AST-2018-008, CERTFR-2018-AVI-276, CVE-2018-12227, DSA-4320-1, VIGILANCE-VUL-26373
Asterisk: infinite loop via iostreams
An attacker can generate an infinite loop via iostreams of Asterisk, in order to trigger a denial of service...
AST-2018-007, CERTFR-2018-AVI-276, CVE-2018-12228, VIGILANCE-VUL-26372
Our database contains other pages. You can request a free trial to read them.

Display information about Asterisk Open Source: