GCVE - cpe:2.3:a:asterisk:asterisknow:beta_6:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:asterisk:asterisknow:beta_6:*:*:*:*:*:*:*

part: a version: beta_6 update: *

Vendor	Asterisk (`8cf0208b-fb97-57c9-94a0-6da40e548dcd`)
Product	Asterisknow (`485794da-d1c3-51df-8220-29eac1c9a59c`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-3264`	vulnerable	2026-06-03 14:28:52.907060	Details available The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request. Published: 2008-07-24T15:18:00.000Z Updated: 2024-08-07T09:28:41.869Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id?1020536 http://security.gentoo.org/glsa/glsa-200905-01.xml http://secunia.com/advisories/31194 http://www.vupen.com/english/advisories/2008/2168/references http://downloads.digium.com/pub/security/AST-2008-011.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-1390`	vulnerable	2026-06-03 14:28:40.604192	Details available The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values, which makes it easier for remote attackers to hijack a manager session via a series of ID guesses. Published: 2008-03-24T17:00:00.000Z Updated: 2024-08-07T08:17:34.588Z Open on db.gcve.eu Reference links http://securityreason.com/securityalert/3764 http://www.securityfocus.com/bid/28316 http://www.securityfocus.com/archive/1/489819/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/41304 http://secunia.com/advisories/29449	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-3765`	vulnerable	2026-06-03 14:28:16.977103	Details available The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port. Published: 2007-07-18T17:00:00.000Z Updated: 2024-08-07T14:28:52.295Z Open on db.gcve.eu Reference links http://secunia.com/advisories/26099 http://www.securityfocus.com/bid/24950 http://www.securitytracker.com/id?1018407 http://ftp.digium.com/pub/asa/ASA-2007-017.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/35480	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-3764`	vulnerable	2026-06-03 14:28:16.976015	Details available The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a certain data length value in a crafted packet, which results in an "overly large memcpy." Published: 2007-07-18T17:00:00.000Z Updated: 2024-08-07T14:28:52.239Z Open on db.gcve.eu Reference links http://secunia.com/advisories/26099 http://www.securityfocus.com/bid/24950 http://www.securitytracker.com/id?1018407 http://security.gentoo.org/glsa/glsa-200802-11.xml http://secunia.com/advisories/29051	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-3763`	vulnerable	2026-06-03 14:28:16.974637	Details available The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable. Published: 2007-07-18T17:00:00.000Z Updated: 2024-08-07T14:28:52.493Z Open on db.gcve.eu Reference links http://ftp.digium.com/pub/asa/ASA-2007-015.pdf http://secunia.com/advisories/26099 http://www.securityfocus.com/bid/24950 http://www.securitytracker.com/id?1018407 http://security.gentoo.org/glsa/glsa-200802-11.xml	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-3762`	vulnerable	2026-06-03 14:28:16.971951	Details available Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame. Published: 2007-07-18T17:00:00.000Z Updated: 2024-08-07T14:28:52.292Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/35466 http://secunia.com/advisories/26099 http://www.securitytracker.com/id?1018407 http://security.gentoo.org/glsa/glsa-200802-11.xml http://secunia.com/advisories/29051	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.