GCVE - cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.3:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.3:*:*:*:*:*:*:*

part: a version: b.2.5.3 update: *

Vendor	Asterisk (`8cf0208b-fb97-57c9-94a0-6da40e548dcd`)
Product	Asterisk Business Edition (`51a12edd-5496-597f-8b86-bea9035b3525`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2009-0041`	vulnerable	2026-06-03 14:29:21.944633	Details available IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. Published: 2009-01-14T23:00:00.000Z Updated: 2024-08-07T04:17:10.507Z Open on db.gcve.eu Reference links http://security.gentoo.org/glsa/glsa-200905-01.xml http://www.securityfocus.com/archive/1/499884/100/0/threaded http://secunia.com/advisories/33453 http://securityreason.com/securityalert/4910 http://www.securityfocus.com/bid/33174	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-5558`	vulnerable	2026-06-03 14:29:10.075166	Details available Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching. Published: 2008-12-17T17:00:00.000Z Updated: 2024-08-07T10:56:47.072Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/32773 http://security.gentoo.org/glsa/glsa-200905-01.xml http://secunia.com/advisories/32956 http://osvdb.org/50675 http://securityreason.com/securityalert/4769	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-3264`	vulnerable	2026-06-03 14:28:52.899837	Details available The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request. Published: 2008-07-24T15:18:00.000Z Updated: 2024-08-07T09:28:41.869Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id?1020536 http://security.gentoo.org/glsa/glsa-200905-01.xml http://secunia.com/advisories/31194 http://www.vupen.com/english/advisories/2008/2168/references http://downloads.digium.com/pub/security/AST-2008-011.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Asterisk Business Edition

PURL mappings

Vulnerability references

Contribute