Lucene search

MitreCVE-2008-3264

HistoryJul 24, 2008 - 3:41 p.m.

CVE-2008-3264

2008-07-2415:41:00

CWE-287

mitre

web.nvd.nist.gov

asterisk

open source

firmware

denial of service

iax2

security vulnerability

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.3

Confidence

Low

EPSS

0.085

Percentile

94.5%

JSON

The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request.

Affected configurations

Nvd

Node

asterisks800i_applianceMatch1.0

asterisks800i_applianceMatch1.0.1

asterisks800i_applianceMatch1.0.2

asterisks800i_applianceMatch1.0.3

AND

asteriskasterisk_appliance_developer_kitMatch0.2

asteriskasterisk_appliance_developer_kitMatch0.3

asteriskasterisk_appliance_developer_kitMatch0.4

asteriskasterisk_appliance_developer_kitMatch0.5

asteriskasterisk_appliance_developer_kitMatch0.6

asteriskasterisk_appliance_developer_kitMatch0.6.0

asteriskasterisk_appliance_developer_kitMatch0.7

asteriskasterisk_appliance_developer_kitMatch0.8

asteriskasterisk_business_editionMatcha

asteriskasterisk_business_editionMatchb

asteriskasterisk_business_editionMatchb.1.3.2

asteriskasterisk_business_editionMatchb.1.3.3

asteriskasterisk_business_editionMatchb.2.2.0

asteriskasterisk_business_editionMatchb.2.2.1

asteriskasterisk_business_editionMatchb.2.3.1

asteriskasterisk_business_editionMatchb.2.3.2

asteriskasterisk_business_editionMatchb.2.3.3

asteriskasterisk_business_editionMatchb.2.3.4

asteriskasterisk_business_editionMatchb.2.3.6

asteriskasterisk_business_editionMatchb.2.5.0

asteriskasterisk_business_editionMatchb.2.5.3

asteriskasterisk_business_editionMatchb2.5.1

asteriskasterisk_business_editionMatchb2.5.2

asteriskasterisk_business_editionMatchc

asteriskasterisk_business_editionMatchc.1.0-beta7

asteriskasterisk_business_editionMatchc.1.0-beta8

asteriskasterisk_business_editionMatchc.1.6

asteriskasterisk_business_editionMatchc.1.6.1

asteriskasterisk_business_editionMatchc.1.6.2

asteriskasterisk_business_editionMatchc1.8.0

asteriskasterisk_business_editionMatchc1.8.1

asteriskasterisknowMatchbeta_5

asteriskasterisknowMatchbeta_6

asteriskasterisknowMatchbeta_7

asteriskasterisknowMatchpre-release

asteriskopen_sourceMatch1.0

asteriskopen_sourceMatch1.0.0

asteriskopen_sourceMatch1.0.1

asteriskopen_sourceMatch1.0.2

asteriskopen_sourceMatch1.0.3

asteriskopen_sourceMatch1.0.3.4

asteriskopen_sourceMatch1.0.4

asteriskopen_sourceMatch1.0.5

asteriskopen_sourceMatch1.0.6

asteriskopen_sourceMatch1.0.7

asteriskopen_sourceMatch1.0.8

asteriskopen_sourceMatch1.0.9

asteriskopen_sourceMatch1.0.11

asteriskopen_sourceMatch1.0.11.1

asteriskopen_sourceMatch1.0.12

asteriskopen_sourceMatch1.2.0

asteriskopen_sourceMatch1.2.0beta1

asteriskopen_sourceMatch1.2.0beta2

asteriskopen_sourceMatch1.2.1

asteriskopen_sourceMatch1.2.2

asteriskopen_sourceMatch1.2.3

asteriskopen_sourceMatch1.2.4

asteriskopen_sourceMatch1.2.5

asteriskopen_sourceMatch1.2.6

asteriskopen_sourceMatch1.2.7

asteriskopen_sourceMatch1.2.7.1

asteriskopen_sourceMatch1.2.8

asteriskopen_sourceMatch1.2.9

asteriskopen_sourceMatch1.2.9.1

asteriskopen_sourceMatch1.2.10

asteriskopen_sourceMatch1.2.11

asteriskopen_sourceMatch1.2.12

asteriskopen_sourceMatch1.2.12.1

asteriskopen_sourceMatch1.2.13

asteriskopen_sourceMatch1.2.14

asteriskopen_sourceMatch1.2.15

asteriskopen_sourceMatch1.2.16

asteriskopen_sourceMatch1.2.17

asteriskopen_sourceMatch1.2.18

asteriskopen_sourceMatch1.2.19

asteriskopen_sourceMatch1.2.20

asteriskopen_sourceMatch1.2.21

asteriskopen_sourceMatch1.2.21.1

asteriskopen_sourceMatch1.2.22

asteriskopen_sourceMatch1.2.23

asteriskopen_sourceMatch1.2.24

asteriskopen_sourceMatch1.2.25

asteriskopen_sourceMatch1.2.26

asteriskopen_sourceMatch1.2.26.1

asteriskopen_sourceMatch1.2.26.2

asteriskopen_sourceMatch1.2.27

asteriskopen_sourceMatch1.2.28

asteriskopen_sourceMatch1.2.29

asteriskopen_sourceMatch1.4.0

asteriskopen_sourceMatch1.4.1

asteriskopen_sourceMatch1.4.2

asteriskopen_sourceMatch1.4.3

asteriskopen_sourceMatch1.4.4

asteriskopen_sourceMatch1.4.5

asteriskopen_sourceMatch1.4.6

asteriskopen_sourceMatch1.4.7

asteriskopen_sourceMatch1.4.7.1

asteriskopen_sourceMatch1.4.8

asteriskopen_sourceMatch1.4.9

asteriskopen_sourceMatch1.4.10

asteriskopen_sourceMatch1.4.10.1

asteriskopen_sourceMatch1.4.11

asteriskopen_sourceMatch1.4.12

asteriskopen_sourceMatch1.4.12.1

asteriskopen_sourceMatch1.4.13

asteriskopen_sourceMatch1.4.14

asteriskopen_sourceMatch1.4.15

asteriskopen_sourceMatch1.4.16

asteriskopen_sourceMatch1.4.16.1

asteriskopen_sourceMatch1.4.16.2

asteriskopen_sourceMatch1.4.17

asteriskopen_sourceMatch1.4.18

asteriskopen_sourceMatch1.4.18.1

asteriskopen_sourceMatch1.4.19

asteriskopen_sourceMatch1.4.19.1

asteriskopen_sourceMatch1.4.19_rc3

asteriskopen_sourceMatch1.4_revision_95946

asteriskopen_sourceMatch1.4beta

VendorProductVersionCPE
asteriskopen_source1.4.2cpe:/a:asterisk:open_source:1.4.2:::
asteriskasterisk_business_editionc1.8.0cpe:/a:asterisk:asterisk_business_edition:c1.8.0:::
asteriskopen_source1.0.9cpe:/a:asterisk:open_source:1.0.9:::
asteriskopen_source1.4.8cpe:/a:asterisk:open_source:1.4.8:::
asteriskopen_source1.2.19cpe:/a:asterisk:open_source:1.2.19:::
asteriskasterisknowbeta+7cpe:/a:asterisk:asterisknow:beta+7:::
asteriskopen_source1.2.27cpe:/a:asterisk:open_source:1.2.27:::
asteriskopen_source1.2.2cpe:/a:asterisk:open_source:1.2.2:::
asteriskopen_source1.2.24cpe:/a:asterisk:open_source:1.2.24:::
asteriskasterisk_appliance_developer_kit0.6.0cpe:/a:asterisk:asterisk_appliance_developer_kit:0.6.0:::

Vendor	Product	Version	CPE
asterisk	open_source	1.4.2	cpe:/a:asterisk:open_source:1.4.2:::
asterisk	asterisk_business_edition	c1.8.0	cpe:/a:asterisk:asterisk_business_edition:c1.8.0:::
asterisk	open_source	1.0.9	cpe:/a:asterisk:open_source:1.0.9:::
asterisk	open_source	1.4.8	cpe:/a:asterisk:open_source:1.4.8:::
asterisk	open_source	1.2.19	cpe:/a:asterisk:open_source:1.2.19:::
asterisk	asterisknow	beta+7	cpe:/a:asterisk:asterisknow:beta+7:::
asterisk	open_source	1.2.27	cpe:/a:asterisk:open_source:1.2.27:::
asterisk	open_source	1.2.2	cpe:/a:asterisk:open_source:1.2.2:::
asterisk	open_source	1.2.24	cpe:/a:asterisk:open_source:1.2.24:::
asterisk	asterisk_appliance_developer_kit	0.6.0	cpe:/a:asterisk:asterisk_appliance_developer_kit:0.6.0:::