Approved changes feed: RSS · Atom
cpe:2.3:a:asterisk:asterisk:b.1.3.2:*:business:*:*:*:*:*
part: a version: b.1.3.2 update: *
| Vendor | Asterisk (8cf0208b-fb97-57c9-94a0-6da40e548dcd) |
|---|---|
| Product | Asterisk (95a29321-1bd0-5763-8bc3-5646752cc98c) |
| Edition | business |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/asterisk |
purl2cpe | 2026-06-01 10:15:22.900760 |
pkg:deb/ubuntu/asterisk |
purl2cpe | 2026-06-01 10:15:22.900762 |
pkg:github/asterisk/asterisk |
purl2cpe | 2026-06-01 10:15:22.900763 |
pkg:rpm/fedora/asterisk |
purl2cpe | 2026-06-01 10:15:22.900765 |
pkg:rpm/opensuse/asterisk |
purl2cpe | 2026-06-01 10:15:22.900766 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2009-2346 |
vulnerable | 2026-06-03 14:29:40.584291 |
Details available
The IAX2 protocol implementation in Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6; Business Edition B.x.x before B.2.5.10, C.2.x before C.2.4.3, and C.3.x before C.3.1.1; and s800i 1.3.x before 1.3.0.3 allows remote attackers to cause a denial of service (call-number exhaustion) by initiating many IAX2 message exchanges, a related issue to CVE-2008-3263.
Published: 2009-09-08T18:00:00.000Z
Updated: 2024-08-07T05:44:55.999Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-3263 |
vulnerable | 2026-06-03 14:28:52.881156 |
Details available
The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (call-number exhaustion and CPU consumption) by quickly sending a large number of IAX2 (IAX) POKE requests.
Published: 2008-07-22T23:00:00.000Z
Updated: 2024-08-07T09:28:41.740Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-1332 |
vulnerable | 2026-06-03 14:28:40.170719 |
Details available
Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x before 1.0.2; Appliance Developer Kit before 1.4 revision 109393; and s800i 1.0.x before 1.1.0.2; allows remote attackers to access the SIP channel driver via a crafted From header.
Published: 2008-03-20T00:00:00.000Z
Updated: 2024-08-07T08:17:34.472Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-3765 |
vulnerable | 2026-06-03 14:28:16.977024 |
Details available
The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port.
Published: 2007-07-18T17:00:00.000Z
Updated: 2024-08-07T14:28:52.295Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-3764 |
vulnerable | 2026-06-03 14:28:16.975673 |
Details available
The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a certain data length value in a crafted packet, which results in an "overly large memcpy."
Published: 2007-07-18T17:00:00.000Z
Updated: 2024-08-07T14:28:52.239Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-3763 |
vulnerable | 2026-06-03 14:28:16.974557 |
Details available
The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable.
Published: 2007-07-18T17:00:00.000Z
Updated: 2024-08-07T14:28:52.493Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-3762 |
vulnerable | 2026-06-03 14:28:16.967539 |
Details available
Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame.
Published: 2007-07-18T17:00:00.000Z
Updated: 2024-08-07T14:28:52.292Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.