Lucene search

[email protected]NVD:CVE-2008-3264

HistoryJul 24, 2008 - 3:41 p.m.

CVE-2008-3264

2008-07-2415:41:00

CWE-287

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.085

Percentile

94.5%

JSON

The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers to cause a denial of service (traffic amplification) via an IAX2 FWDOWNL request.

Affected configurations

Nvd

Node

asterisks800i_applianceMatch1.0

asterisks800i_applianceMatch1.0.1

asterisks800i_applianceMatch1.0.2

asterisks800i_applianceMatch1.0.3

AND

asteriskasterisk_appliance_developer_kitMatch0.2

asteriskasterisk_appliance_developer_kitMatch0.3

asteriskasterisk_appliance_developer_kitMatch0.4

asteriskasterisk_appliance_developer_kitMatch0.5

asteriskasterisk_appliance_developer_kitMatch0.6

asteriskasterisk_appliance_developer_kitMatch0.6.0

asteriskasterisk_appliance_developer_kitMatch0.7

asteriskasterisk_appliance_developer_kitMatch0.8

asteriskasterisk_business_editionMatcha

asteriskasterisk_business_editionMatchb

asteriskasterisk_business_editionMatchb.1.3.2

asteriskasterisk_business_editionMatchb.1.3.3

asteriskasterisk_business_editionMatchb.2.2.0

asteriskasterisk_business_editionMatchb.2.2.1

asteriskasterisk_business_editionMatchb.2.3.1

asteriskasterisk_business_editionMatchb.2.3.2

asteriskasterisk_business_editionMatchb.2.3.3

asteriskasterisk_business_editionMatchb.2.3.4

asteriskasterisk_business_editionMatchb.2.3.6

asteriskasterisk_business_editionMatchb.2.5.0

asteriskasterisk_business_editionMatchb.2.5.3

asteriskasterisk_business_editionMatchb2.5.1

asteriskasterisk_business_editionMatchb2.5.2

asteriskasterisk_business_editionMatchc

asteriskasterisk_business_editionMatchc.1.0-beta7

asteriskasterisk_business_editionMatchc.1.0-beta8

asteriskasterisk_business_editionMatchc.1.6

asteriskasterisk_business_editionMatchc.1.6.1

asteriskasterisk_business_editionMatchc.1.6.2

asteriskasterisk_business_editionMatchc1.8.0

asteriskasterisk_business_editionMatchc1.8.1

asteriskasterisknowMatchbeta_5

asteriskasterisknowMatchbeta_6

asteriskasterisknowMatchbeta_7

asteriskasterisknowMatchpre-release

asteriskopen_sourceMatch1.0

asteriskopen_sourceMatch1.0.0

asteriskopen_sourceMatch1.0.1

asteriskopen_sourceMatch1.0.2

asteriskopen_sourceMatch1.0.3

asteriskopen_sourceMatch1.0.3.4

asteriskopen_sourceMatch1.0.4

asteriskopen_sourceMatch1.0.5

asteriskopen_sourceMatch1.0.6

asteriskopen_sourceMatch1.0.7

asteriskopen_sourceMatch1.0.8

asteriskopen_sourceMatch1.0.9

asteriskopen_sourceMatch1.0.11

asteriskopen_sourceMatch1.0.11.1

asteriskopen_sourceMatch1.0.12

asteriskopen_sourceMatch1.2.0

asteriskopen_sourceMatch1.2.0beta1

asteriskopen_sourceMatch1.2.0beta2

asteriskopen_sourceMatch1.2.1

asteriskopen_sourceMatch1.2.2

asteriskopen_sourceMatch1.2.3

asteriskopen_sourceMatch1.2.4

asteriskopen_sourceMatch1.2.5

asteriskopen_sourceMatch1.2.6

asteriskopen_sourceMatch1.2.7

asteriskopen_sourceMatch1.2.7.1

asteriskopen_sourceMatch1.2.8

asteriskopen_sourceMatch1.2.9

asteriskopen_sourceMatch1.2.9.1

asteriskopen_sourceMatch1.2.10

asteriskopen_sourceMatch1.2.11

asteriskopen_sourceMatch1.2.12

asteriskopen_sourceMatch1.2.12.1

asteriskopen_sourceMatch1.2.13

asteriskopen_sourceMatch1.2.14

asteriskopen_sourceMatch1.2.15

asteriskopen_sourceMatch1.2.16

asteriskopen_sourceMatch1.2.17

asteriskopen_sourceMatch1.2.18

asteriskopen_sourceMatch1.2.19

asteriskopen_sourceMatch1.2.20

asteriskopen_sourceMatch1.2.21

asteriskopen_sourceMatch1.2.21.1

asteriskopen_sourceMatch1.2.22

asteriskopen_sourceMatch1.2.23

asteriskopen_sourceMatch1.2.24

asteriskopen_sourceMatch1.2.25

asteriskopen_sourceMatch1.2.26

asteriskopen_sourceMatch1.2.26.1

asteriskopen_sourceMatch1.2.26.2

asteriskopen_sourceMatch1.2.27

asteriskopen_sourceMatch1.2.28

asteriskopen_sourceMatch1.2.29

asteriskopen_sourceMatch1.4.0

asteriskopen_sourceMatch1.4.1

asteriskopen_sourceMatch1.4.2

asteriskopen_sourceMatch1.4.3

asteriskopen_sourceMatch1.4.4

asteriskopen_sourceMatch1.4.5

asteriskopen_sourceMatch1.4.6

asteriskopen_sourceMatch1.4.7

asteriskopen_sourceMatch1.4.7.1

asteriskopen_sourceMatch1.4.8

asteriskopen_sourceMatch1.4.9

asteriskopen_sourceMatch1.4.10

asteriskopen_sourceMatch1.4.10.1

asteriskopen_sourceMatch1.4.11

asteriskopen_sourceMatch1.4.12

asteriskopen_sourceMatch1.4.12.1

asteriskopen_sourceMatch1.4.13

asteriskopen_sourceMatch1.4.14

asteriskopen_sourceMatch1.4.15

asteriskopen_sourceMatch1.4.16

asteriskopen_sourceMatch1.4.16.1

asteriskopen_sourceMatch1.4.16.2

asteriskopen_sourceMatch1.4.17

asteriskopen_sourceMatch1.4.18

asteriskopen_sourceMatch1.4.18.1

asteriskopen_sourceMatch1.4.19

asteriskopen_sourceMatch1.4.19.1

asteriskopen_sourceMatch1.4.19_rc3

asteriskopen_sourceMatch1.4_revision_95946

asteriskopen_sourceMatch1.4beta

References

downloads.digium.com/pub/security/AST-2008-011.html

secunia.com/advisories/31178

secunia.com/advisories/31194

secunia.com/advisories/34982

security.gentoo.org/glsa/glsa-200905-01.xml

www.securityfocus.com/archive/1/494676/100/0/threaded

www.securityfocus.com/bid/30350

www.securitytracker.com/id?1020536

www.vupen.com/english/advisories/2008/2168/references

exchange.xforce.ibmcloud.com/vulnerabilities/43955

www.redhat.com/archives/fedora-package-announce/2008-July/msg00839.html

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.085

Percentile

94.5%

JSON

Related for NVD:CVE-2008-3264

nessus5 seebug1 ubuntucve1 debiancve1 cvelist1 cve1 prion1 openvas6 fedora2 securityvulns1 gentoo1