GCVE - cpe:2.3:a:asterisk:asterisk:1.4.18.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:asterisk:asterisk:1.4.18.1:*:*:*:*:*:*:*

part: a version: 1.4.18.1 update: *

Vendor	Asterisk (`8cf0208b-fb97-57c9-94a0-6da40e548dcd`)
Product	Asterisk (`95a29321-1bd0-5763-8bc3-5646752cc98c`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/asterisk`	purl2cpe	2026-06-01 10:15:22.792381
`pkg:deb/ubuntu/asterisk`	purl2cpe	2026-06-01 10:15:22.792382
`pkg:github/asterisk/asterisk`	purl2cpe	2026-06-01 10:15:22.792384
`pkg:rpm/fedora/asterisk`	purl2cpe	2026-06-01 10:15:22.792385
`pkg:rpm/opensuse/asterisk`	purl2cpe	2026-06-01 10:15:22.792387

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-3263`	vulnerable	2026-06-03 14:28:52.877068	Details available The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (call-number exhaustion and CPU consumption) by quickly sending a large number of IAX2 (IAX) POKE requests. Published: 2008-07-22T23:00:00.000Z Updated: 2024-08-07T09:28:41.740Z Open on db.gcve.eu Reference links http://security.gentoo.org/glsa/glsa-200905-01.xml http://www.securityfocus.com/bid/30321 http://secunia.com/advisories/31194 https://exchange.xforce.ibmcloud.com/vulnerabilities/43942 http://www.vupen.com/english/advisories/2008/2168/references	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-1390`	vulnerable	2026-06-03 14:28:40.597930	Details available The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values, which makes it easier for remote attackers to hijack a manager session via a series of ID guesses. Published: 2008-03-24T17:00:00.000Z Updated: 2024-08-07T08:17:34.588Z Open on db.gcve.eu Reference links http://securityreason.com/securityalert/3764 http://www.securityfocus.com/bid/28316 http://www.securityfocus.com/archive/1/489819/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/41304 http://secunia.com/advisories/29449	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.