Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for s800i by digium

    CVE-2011-1147 (GCVE-0-2011-1147)

    Vulnerability from nvd – Published: 2011-03-15 17:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/43702 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/46474 vdb-entryx_refsource_BID
    http://www.debian.org/security/2011/dsa-2225 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/43429 third-party-advisoryx_refsource_SECUNIA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.vupen.com/english/advisories/2011/0635 vdb-entryx_refsource_VUPEN
    http://www.openwall.com/lists/oss-security/2011/03/11/2 mailing-listx_refsource_MLIST
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.securitytracker.com/id?1025101 vdb-entryx_refsource_SECTRACK
    http://www.openwall.com/lists/oss-security/2011/03/11/8 mailing-listx_refsource_MLIST
    http://downloads.asterisk.org/pub/security/AST-20… x_refsource_CONFIRM
    Date Public
    2011-03-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:27.830Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "43702",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43702"
              },
              {
                "name": "46474",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46474"
              },
              {
                "name": "DSA-2225",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2011/dsa-2225"
              },
              {
                "name": "43429",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43429"
              },
              {
                "name": "FEDORA-2011-2438",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html"
              },
              {
                "name": "ADV-2011-0635",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0635"
              },
              {
                "name": "[oss-security] 20110311 CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/03/11/2"
              },
              {
                "name": "FEDORA-2011-2360",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html"
              },
              {
                "name": "FEDORA-2011-2558",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html"
              },
              {
                "name": "1025101",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1025101"
              },
              {
                "name": "[oss-security] 20110311 Re: CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/03/11/8"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.asterisk.org/pub/security/AST-2011-002.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-03-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-08-23T09:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "43702",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43702"
            },
            {
              "name": "46474",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46474"
            },
            {
              "name": "DSA-2225",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2011/dsa-2225"
            },
            {
              "name": "43429",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43429"
            },
            {
              "name": "FEDORA-2011-2438",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html"
            },
            {
              "name": "ADV-2011-0635",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0635"
            },
            {
              "name": "[oss-security] 20110311 CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/03/11/2"
            },
            {
              "name": "FEDORA-2011-2360",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html"
            },
            {
              "name": "FEDORA-2011-2558",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html"
            },
            {
              "name": "1025101",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1025101"
            },
            {
              "name": "[oss-security] 20110311 Re: CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/03/11/8"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.asterisk.org/pub/security/AST-2011-002.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2011-1147",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "43702",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43702"
                },
                {
                  "name": "46474",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/46474"
                },
                {
                  "name": "DSA-2225",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2011/dsa-2225"
                },
                {
                  "name": "43429",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43429"
                },
                {
                  "name": "FEDORA-2011-2438",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html"
                },
                {
                  "name": "ADV-2011-0635",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0635"
                },
                {
                  "name": "[oss-security] 20110311 CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2011/03/11/2"
                },
                {
                  "name": "FEDORA-2011-2360",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html"
                },
                {
                  "name": "FEDORA-2011-2558",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html"
                },
                {
                  "name": "1025101",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1025101"
                },
                {
                  "name": "[oss-security] 20110311 Re: CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2011/03/11/8"
                },
                {
                  "name": "http://downloads.asterisk.org/pub/security/AST-2011-002.html",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.asterisk.org/pub/security/AST-2011-002.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-1147",
        "datePublished": "2011-03-15T17:00:00.000Z",
        "dateReserved": "2011-03-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:27.830Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4055 (GCVE-0-2009-4055)

    Vulnerability from nvd – Published: 2009-12-02 11:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before 1.4.27.1, 1.6.0.x before 1.6.0.19, and 1.6.1.x before 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x before 1.3.0.6 allows remote attackers to cause a denial of service (daemon crash) via an RTP comfort noise payload with a long data length.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2009-11-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:51.226Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "37153",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37153"
              },
              {
                "name": "20091130 AST-2009-010: RTP Remote Crash Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/508147/100/0/threaded"
              },
              {
                "name": "37677",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37677"
              },
              {
                "name": "1023249",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023249"
              },
              {
                "name": "DSA-1952",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1952"
              },
              {
                "name": "asterisk-rtp-comfortnoise-dos(54471)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54471"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt"
              },
              {
                "name": "37530",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37530"
              },
              {
                "name": "FEDORA-2009-12461",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/archives/fedora-package-announce/2009-December/msg00759.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.asterisk.org/view.php?id=16242"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt"
              },
              {
                "name": "37708",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37708"
              },
              {
                "name": "60569",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/60569"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.digium.com/pub/security/AST-2009-010.html"
              },
              {
                "name": "ADV-2009-3368",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/3368"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before 1.4.27.1, 1.6.0.x before 1.6.0.19, and 1.6.1.x before 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x before 1.3.0.6 allows remote attackers to cause a denial of service (daemon crash) via an RTP comfort noise payload with a long data length."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "37153",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37153"
            },
            {
              "name": "20091130 AST-2009-010: RTP Remote Crash Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/508147/100/0/threaded"
            },
            {
              "name": "37677",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37677"
            },
            {
              "name": "1023249",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023249"
            },
            {
              "name": "DSA-1952",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1952"
            },
            {
              "name": "asterisk-rtp-comfortnoise-dos(54471)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54471"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt"
            },
            {
              "name": "37530",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37530"
            },
            {
              "name": "FEDORA-2009-12461",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.redhat.com/archives/fedora-package-announce/2009-December/msg00759.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.asterisk.org/view.php?id=16242"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt"
            },
            {
              "name": "37708",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37708"
            },
            {
              "name": "60569",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/60569"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.digium.com/pub/security/AST-2009-010.html"
            },
            {
              "name": "ADV-2009-3368",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/3368"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4055",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before 1.4.27.1, 1.6.0.x before 1.6.0.19, and 1.6.1.x before 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x before 1.3.0.6 allows remote attackers to cause a denial of service (daemon crash) via an RTP comfort noise payload with a long data length."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "37153",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37153"
                },
                {
                  "name": "20091130 AST-2009-010: RTP Remote Crash Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/508147/100/0/threaded"
                },
                {
                  "name": "37677",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37677"
                },
                {
                  "name": "1023249",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023249"
                },
                {
                  "name": "DSA-1952",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1952"
                },
                {
                  "name": "asterisk-rtp-comfortnoise-dos(54471)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54471"
                },
                {
                  "name": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt"
                },
                {
                  "name": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt"
                },
                {
                  "name": "37530",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37530"
                },
                {
                  "name": "FEDORA-2009-12461",
                  "refsource": "FEDORA",
                  "url": "http://www.redhat.com/archives/fedora-package-announce/2009-December/msg00759.html"
                },
                {
                  "name": "https://issues.asterisk.org/view.php?id=16242",
                  "refsource": "CONFIRM",
                  "url": "https://issues.asterisk.org/view.php?id=16242"
                },
                {
                  "name": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt"
                },
                {
                  "name": "37708",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37708"
                },
                {
                  "name": "60569",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/60569"
                },
                {
                  "name": "http://downloads.digium.com/pub/security/AST-2009-010.html",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.digium.com/pub/security/AST-2009-010.html"
                },
                {
                  "name": "ADV-2009-3368",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/3368"
                },
                {
                  "name": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4055",
        "datePublished": "2009-12-02T11:00:00.000Z",
        "dateReserved": "2009-11-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:51.226Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3727 (GCVE-0-2009-3727)

    Vulnerability from nvd – Published: 2009-11-10 18:00 – Updated: 2024-08-07 06:38
    VLAI
    Summary
    Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/37265 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/37479 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/37677 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2009/dsa-1952 vendor-advisoryx_refsource_DEBIAN
    https://bugzilla.redhat.com/show_bug.cgi?id=523277 x_refsource_CONFIRM
    https://bugzilla.redhat.com/show_bug.cgi?id=533137 x_refsource_CONFIRM
    http://www.securityfocus.com/bid/36924 vdb-entryx_refsource_BID
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://osvdb.org/59697 vdb-entryx_refsource_OSVDB
    http://downloads.asterisk.org/pub/security/AST-20… x_refsource_CONFIRM
    http://www.securitytracker.com/id?1023133 vdb-entryx_refsource_SECTRACK
    Date Public
    2009-11-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:38:30.134Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "37265",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37265"
              },
              {
                "name": "FEDORA-2009-11126",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html"
              },
              {
                "name": "37479",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37479"
              },
              {
                "name": "37677",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37677"
              },
              {
                "name": "DSA-1952",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1952"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=523277"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533137"
              },
              {
                "name": "36924",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/36924"
              },
              {
                "name": "FEDORA-2009-11070",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.html"
              },
              {
                "name": "59697",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/59697"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.asterisk.org/pub/security/AST-2009-008.html"
              },
              {
                "name": "1023133",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1023133"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-11-19T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "37265",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37265"
            },
            {
              "name": "FEDORA-2009-11126",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html"
            },
            {
              "name": "37479",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37479"
            },
            {
              "name": "37677",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37677"
            },
            {
              "name": "DSA-1952",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1952"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=523277"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533137"
            },
            {
              "name": "36924",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/36924"
            },
            {
              "name": "FEDORA-2009-11070",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.html"
            },
            {
              "name": "59697",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/59697"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.asterisk.org/pub/security/AST-2009-008.html"
            },
            {
              "name": "1023133",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1023133"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3727",
        "datePublished": "2009-11-10T18:00:00.000Z",
        "dateReserved": "2009-10-16T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:38:30.134Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-1147 (GCVE-0-2011-1147)

    Vulnerability from cvelistv5 – Published: 2011-03-15 17:00 – Updated: 2024-08-06 22:14
    VLAI
    Summary
    Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/43702 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/46474 vdb-entryx_refsource_BID
    http://www.debian.org/security/2011/dsa-2225 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/43429 third-party-advisoryx_refsource_SECUNIA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.vupen.com/english/advisories/2011/0635 vdb-entryx_refsource_VUPEN
    http://www.openwall.com/lists/oss-security/2011/03/11/2 mailing-listx_refsource_MLIST
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
    http://www.securitytracker.com/id?1025101 vdb-entryx_refsource_SECTRACK
    http://www.openwall.com/lists/oss-security/2011/03/11/8 mailing-listx_refsource_MLIST
    http://downloads.asterisk.org/pub/security/AST-20… x_refsource_CONFIRM
    Date Public
    2011-03-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:14:27.830Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "43702",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43702"
              },
              {
                "name": "46474",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46474"
              },
              {
                "name": "DSA-2225",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2011/dsa-2225"
              },
              {
                "name": "43429",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43429"
              },
              {
                "name": "FEDORA-2011-2438",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html"
              },
              {
                "name": "ADV-2011-0635",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0635"
              },
              {
                "name": "[oss-security] 20110311 CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/03/11/2"
              },
              {
                "name": "FEDORA-2011-2360",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html"
              },
              {
                "name": "FEDORA-2011-2558",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html"
              },
              {
                "name": "1025101",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1025101"
              },
              {
                "name": "[oss-security] 20110311 Re: CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2011/03/11/8"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.asterisk.org/pub/security/AST-2011-002.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-03-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-08-23T09:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "43702",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43702"
            },
            {
              "name": "46474",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46474"
            },
            {
              "name": "DSA-2225",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2011/dsa-2225"
            },
            {
              "name": "43429",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43429"
            },
            {
              "name": "FEDORA-2011-2438",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html"
            },
            {
              "name": "ADV-2011-0635",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0635"
            },
            {
              "name": "[oss-security] 20110311 CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/03/11/2"
            },
            {
              "name": "FEDORA-2011-2360",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html"
            },
            {
              "name": "FEDORA-2011-2558",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html"
            },
            {
              "name": "1025101",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1025101"
            },
            {
              "name": "[oss-security] 20110311 Re: CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/03/11/8"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.asterisk.org/pub/security/AST-2011-002.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2011-1147",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2.4; Business Edition C.x.x before C.3.6.3; AsteriskNOW 1.5; and s800i (Asterisk Appliance), when T.38 support is enabled, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDPTL packet."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "43702",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43702"
                },
                {
                  "name": "46474",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/46474"
                },
                {
                  "name": "DSA-2225",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2011/dsa-2225"
                },
                {
                  "name": "43429",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43429"
                },
                {
                  "name": "FEDORA-2011-2438",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html"
                },
                {
                  "name": "ADV-2011-0635",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0635"
                },
                {
                  "name": "[oss-security] 20110311 CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2011/03/11/2"
                },
                {
                  "name": "FEDORA-2011-2360",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html"
                },
                {
                  "name": "FEDORA-2011-2558",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html"
                },
                {
                  "name": "1025101",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1025101"
                },
                {
                  "name": "[oss-security] 20110311 Re: CVE Request -- Asterisk AST-2011-002 / Multiple array overflow and crash vulnerabilities in UDPTL code",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2011/03/11/8"
                },
                {
                  "name": "http://downloads.asterisk.org/pub/security/AST-2011-002.html",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.asterisk.org/pub/security/AST-2011-002.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-1147",
        "datePublished": "2011-03-15T17:00:00.000Z",
        "dateReserved": "2011-03-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:14:27.830Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4055 (GCVE-0-2009-4055)

    Vulnerability from cvelistv5 – Published: 2009-12-02 11:00 – Updated: 2024-08-07 06:45
    VLAI
    Summary
    rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before 1.4.27.1, 1.6.0.x before 1.6.0.19, and 1.6.1.x before 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x before 1.3.0.6 allows remote attackers to cause a denial of service (daemon crash) via an RTP comfort noise payload with a long data length.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2009-11-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:45:51.226Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "37153",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37153"
              },
              {
                "name": "20091130 AST-2009-010: RTP Remote Crash Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/508147/100/0/threaded"
              },
              {
                "name": "37677",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37677"
              },
              {
                "name": "1023249",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023249"
              },
              {
                "name": "DSA-1952",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1952"
              },
              {
                "name": "asterisk-rtp-comfortnoise-dos(54471)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54471"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt"
              },
              {
                "name": "37530",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37530"
              },
              {
                "name": "FEDORA-2009-12461",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/archives/fedora-package-announce/2009-December/msg00759.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.asterisk.org/view.php?id=16242"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt"
              },
              {
                "name": "37708",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37708"
              },
              {
                "name": "60569",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/60569"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.digium.com/pub/security/AST-2009-010.html"
              },
              {
                "name": "ADV-2009-3368",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/3368"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before 1.4.27.1, 1.6.0.x before 1.6.0.19, and 1.6.1.x before 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x before 1.3.0.6 allows remote attackers to cause a denial of service (daemon crash) via an RTP comfort noise payload with a long data length."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "37153",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37153"
            },
            {
              "name": "20091130 AST-2009-010: RTP Remote Crash Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/508147/100/0/threaded"
            },
            {
              "name": "37677",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37677"
            },
            {
              "name": "1023249",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023249"
            },
            {
              "name": "DSA-1952",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1952"
            },
            {
              "name": "asterisk-rtp-comfortnoise-dos(54471)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54471"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt"
            },
            {
              "name": "37530",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37530"
            },
            {
              "name": "FEDORA-2009-12461",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.redhat.com/archives/fedora-package-announce/2009-December/msg00759.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.asterisk.org/view.php?id=16242"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt"
            },
            {
              "name": "37708",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37708"
            },
            {
              "name": "60569",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/60569"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.digium.com/pub/security/AST-2009-010.html"
            },
            {
              "name": "ADV-2009-3368",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/3368"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4055",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before 1.4.27.1, 1.6.0.x before 1.6.0.19, and 1.6.1.x before 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x before 1.3.0.6 allows remote attackers to cause a denial of service (daemon crash) via an RTP comfort noise payload with a long data length."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "37153",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37153"
                },
                {
                  "name": "20091130 AST-2009-010: RTP Remote Crash Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/508147/100/0/threaded"
                },
                {
                  "name": "37677",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37677"
                },
                {
                  "name": "1023249",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023249"
                },
                {
                  "name": "DSA-1952",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1952"
                },
                {
                  "name": "asterisk-rtp-comfortnoise-dos(54471)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54471"
                },
                {
                  "name": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.4.diff.txt"
                },
                {
                  "name": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.0.diff.txt"
                },
                {
                  "name": "37530",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37530"
                },
                {
                  "name": "FEDORA-2009-12461",
                  "refsource": "FEDORA",
                  "url": "http://www.redhat.com/archives/fedora-package-announce/2009-December/msg00759.html"
                },
                {
                  "name": "https://issues.asterisk.org/view.php?id=16242",
                  "refsource": "CONFIRM",
                  "url": "https://issues.asterisk.org/view.php?id=16242"
                },
                {
                  "name": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.6.1.diff.txt"
                },
                {
                  "name": "37708",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37708"
                },
                {
                  "name": "60569",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/60569"
                },
                {
                  "name": "http://downloads.digium.com/pub/security/AST-2009-010.html",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.digium.com/pub/security/AST-2009-010.html"
                },
                {
                  "name": "ADV-2009-3368",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/3368"
                },
                {
                  "name": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.asterisk.org/pub/security/AST-2009-010-1.2.diff.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4055",
        "datePublished": "2009-12-02T11:00:00.000Z",
        "dateReserved": "2009-11-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:45:51.226Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-3727 (GCVE-0-2009-3727)

    Vulnerability from cvelistv5 – Published: 2009-11-10 18:00 – Updated: 2024-08-07 06:38
    VLAI
    Summary
    Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/37265 third-party-advisoryx_refsource_SECUNIA
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/37479 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/37677 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2009/dsa-1952 vendor-advisoryx_refsource_DEBIAN
    https://bugzilla.redhat.com/show_bug.cgi?id=523277 x_refsource_CONFIRM
    https://bugzilla.redhat.com/show_bug.cgi?id=533137 x_refsource_CONFIRM
    http://www.securityfocus.com/bid/36924 vdb-entryx_refsource_BID
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://osvdb.org/59697 vdb-entryx_refsource_OSVDB
    http://downloads.asterisk.org/pub/security/AST-20… x_refsource_CONFIRM
    http://www.securitytracker.com/id?1023133 vdb-entryx_refsource_SECTRACK
    Date Public
    2009-11-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:38:30.134Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "37265",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37265"
              },
              {
                "name": "FEDORA-2009-11126",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html"
              },
              {
                "name": "37479",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37479"
              },
              {
                "name": "37677",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37677"
              },
              {
                "name": "DSA-1952",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1952"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=523277"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533137"
              },
              {
                "name": "36924",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/36924"
              },
              {
                "name": "FEDORA-2009-11070",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.html"
              },
              {
                "name": "59697",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/59697"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.asterisk.org/pub/security/AST-2009-008.html"
              },
              {
                "name": "1023133",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1023133"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-11-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-11-19T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "37265",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37265"
            },
            {
              "name": "FEDORA-2009-11126",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00838.html"
            },
            {
              "name": "37479",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37479"
            },
            {
              "name": "37677",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37677"
            },
            {
              "name": "DSA-1952",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1952"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=523277"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533137"
            },
            {
              "name": "36924",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/36924"
            },
            {
              "name": "FEDORA-2009-11070",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00789.html"
            },
            {
              "name": "59697",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/59697"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.asterisk.org/pub/security/AST-2009-008.html"
            },
            {
              "name": "1023133",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1023133"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-3727",
        "datePublished": "2009-11-10T18:00:00.000Z",
        "dateReserved": "2009-10-16T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:38:30.134Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }