Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable6750.PRM
HistoryApr 10, 2013 - 12:00 a.m.

Asterisk Multiple Vulnerabilities (AST-2013-001 / AST-2013-002 / AST-2013-003)

2013-04-1000:00:00
Tenable
www.tenable.com
14

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.651

Percentile

97.9%

JSON

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by the following vulnerabilities :

  • A buffer overflow exists in the SIP SDP headers and h264 video handling. NOTE:Only Affects version less than 11.2.2 (CVE-2013-2685)

  • A denial of server exists in the HTTP POST requests with very large ‘Conten-Length’ header values. (CVE-2013-2686)

  • An information disclosure exists in the INVITE, SUBSCRIBE and REGISTER transactions and improper settings for the configureatio options. (CVE-2013-2264)

Binary data 6750.prm
VendorProductVersionCPE
digiumasteriskcpe:/a:digium:asterisk

Related

nessus 8
securityvulns 4
freebsd 1
fedora 2
openvas 5
gentoo 1
checkpoint_advisories 2
cve 3
cvelist 3
ubuntucve 3
nvd 3
debiancve 3
prion 3
ibm 1
nessus
nessus
FreeBSD : asterisk -- multiple vulnerabilities (daf0a339-9850-11e2-879e-d43d7e0c7c02)
2013-04-08 00:00:00
Mandriva Linux Security Advisory : asterisk (MDVSA-2013:140)
2013-04-20 00:00:00
Fedora 17 : asterisk-10.12.2-1.fc17 (2013-4528)
2013-04-08 00:00:00
securityvulns
securityvulns
Asterisk multiple security vulnerabilities
2013-04-01 00:00:00
AST-2013-003: Username disclosure in SIP channel driver
2013-04-01 00:00:00
AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header
2013-04-01 00:00:00
freebsd
freebsd
asterisk -- multiple vulnerabilities
2013-03-27 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: asterisk-10.12.2-1.fc17
2013-04-07 00:44:42
[SECURITY] Fedora 18 Update: asterisk-11.2.2-1.fc18
2013-04-07 00:28:33
openvas
openvas
Fedora Update for asterisk FEDORA-2013-4528
2013-04-08 00:00:00
Fedora Update for asterisk FEDORA-2013-4528
2013-04-08 00:00:00
Gentoo Security Advisory GLSA 201401-15
2015-09-29 00:00:00
gentoo
gentoo
Asterisk: Multiple vulnerabilities
2014-01-21 00:00:00
checkpoint_advisories
checkpoint_advisories
Digium Asterisk SIP SDP Header Parsing Stack Buffer Overflow (CVE-2013-2685)
2013-06-30 00:00:00
Digium Asterisk HTTP Management Interface Stack Overflow (CVE-2012-5976; CVE-2013-2686)
2013-01-20 00:00:00
cve
cve
CVE-2013-2685
2022-10-03 16:15:01
CVE-2013-2264
2022-10-03 16:14:59
CVE-2013-2686
2022-10-03 16:14:59
cvelist
cvelist
CVE-2013-2685
2022-10-03 16:15:01
CVE-2013-2264
2022-10-03 16:14:59
CVE-2013-2686
2022-10-03 16:14:59
ubuntucve
ubuntucve
CVE-2013-2685
2013-04-01 00:00:00
CVE-2013-2264
2013-04-01 00:00:00
CVE-2013-2686
2013-04-01 00:00:00
nvd
nvd
CVE-2013-2685
2013-04-01 16:55:03
CVE-2013-2264
2013-04-01 16:55:03
CVE-2013-2686
2013-04-01 16:55:04
debiancve
debiancve
CVE-2013-2685
2022-10-03 16:15:01
CVE-2013-2264
2022-10-03 16:14:59
CVE-2013-2686
2022-10-03 16:14:59
prion
prion
Stack overflow
2013-04-01 16:55:00
Code injection
2013-04-01 16:55:00
Design/Logic Flaw
2013-04-01 16:55:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities exist in the OpenSSL component of IBM Initiate Master Data Service and IBM InfoSphere Master Data Management Standard Edition (CVE-2013-0166, CVE-2013-0166, CVE-2012-2686)
2022-09-26 03:31:32

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.651

Percentile

97.9%

JSON
Related for 6750.PRM
nessus8securityvulns4freebsd1fedora2openvas5gentoo1checkpoint_advisories2cve3cvelist3ubuntucve3nvd3debiancve3prion3ibm1