Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for s800i_appliance by asterisk

    CVE-2009-0041 (GCVE-0-2009-0041)

    Vulnerability from nvd – Published: 2009-01-14 23:00 – Updated: 2024-08-07 04:17
    VLAI
    Summary
    IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://security.gentoo.org/glsa/glsa-200905-01.xml vendor-advisoryx_refsource_GENTOO
    http://www.securityfocus.com/archive/1/499884/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/33453 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/4910 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/33174 vdb-entryx_refsource_BID
    http://secunia.com/advisories/37677 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2009/dsa-1952 vendor-advisoryx_refsource_DEBIAN
    http://www.securitytracker.com/id?1021549 vdb-entryx_refsource_SECTRACK
    http://downloads.digium.com/pub/security/AST-2009… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2009/0063 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/34982 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-01-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:17:10.507Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-200905-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
              },
              {
                "name": "20090108 AST-2009-001: Information leak in IAX2 authentication",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/499884/100/0/threaded"
              },
              {
                "name": "33453",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/33453"
              },
              {
                "name": "4910",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4910"
              },
              {
                "name": "33174",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/33174"
              },
              {
                "name": "37677",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37677"
              },
              {
                "name": "DSA-1952",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1952"
              },
              {
                "name": "1021549",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1021549"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.digium.com/pub/security/AST-2009-001.html"
              },
              {
                "name": "ADV-2009-0063",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/0063"
              },
              {
                "name": "34982",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34982"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-01-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "GLSA-200905-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
            },
            {
              "name": "20090108 AST-2009-001: Information leak in IAX2 authentication",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/499884/100/0/threaded"
            },
            {
              "name": "33453",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/33453"
            },
            {
              "name": "4910",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4910"
            },
            {
              "name": "33174",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/33174"
            },
            {
              "name": "37677",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37677"
            },
            {
              "name": "DSA-1952",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1952"
            },
            {
              "name": "1021549",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1021549"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.digium.com/pub/security/AST-2009-001.html"
            },
            {
              "name": "ADV-2009-0063",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0063"
            },
            {
              "name": "34982",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34982"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-0041",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "GLSA-200905-01",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
                },
                {
                  "name": "20090108 AST-2009-001: Information leak in IAX2 authentication",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/499884/100/0/threaded"
                },
                {
                  "name": "33453",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/33453"
                },
                {
                  "name": "4910",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4910"
                },
                {
                  "name": "33174",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/33174"
                },
                {
                  "name": "37677",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37677"
                },
                {
                  "name": "DSA-1952",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1952"
                },
                {
                  "name": "1021549",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1021549"
                },
                {
                  "name": "http://downloads.digium.com/pub/security/AST-2009-001.html",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.digium.com/pub/security/AST-2009-001.html"
                },
                {
                  "name": "ADV-2009-0063",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/0063"
                },
                {
                  "name": "34982",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34982"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-0041",
        "datePublished": "2009-01-14T23:00:00.000Z",
        "dateReserved": "2009-01-06T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:17:10.507Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3763 (GCVE-0-2007-3763)

    Vulnerability from nvd – Published: 2007-07-18 17:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://ftp.digium.com/pub/asa/ASA-2007-015.pdf x_refsource_CONFIRM
    http://secunia.com/advisories/26099 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/24950 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1018407 vdb-entryx_refsource_SECTRACK
    http://security.gentoo.org/glsa/glsa-200802-11.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/29051 third-party-advisoryx_refsource_SECUNIA
    http://bugs.gentoo.org/show_bug.cgi?id=185713 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/2563 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2007/dsa-1358 vendor-advisoryx_refsource_DEBIAN
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    Date Public
    2007-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:52.493Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://ftp.digium.com/pub/asa/ASA-2007-015.pdf"
              },
              {
                "name": "26099",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26099"
              },
              {
                "name": "24950",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24950"
              },
              {
                "name": "1018407",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018407"
              },
              {
                "name": "GLSA-200802-11",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
              },
              {
                "name": "29051",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29051"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
              },
              {
                "name": "ADV-2007-2563",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2563"
              },
              {
                "name": "DSA-1358",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2007/dsa-1358"
              },
              {
                "name": "SUSE-SR:2007:015",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-07-27T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://ftp.digium.com/pub/asa/ASA-2007-015.pdf"
            },
            {
              "name": "26099",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26099"
            },
            {
              "name": "24950",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24950"
            },
            {
              "name": "1018407",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018407"
            },
            {
              "name": "GLSA-200802-11",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
            },
            {
              "name": "29051",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29051"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
            },
            {
              "name": "ADV-2007-2563",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2563"
            },
            {
              "name": "DSA-1358",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2007/dsa-1358"
            },
            {
              "name": "SUSE-SR:2007:015",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3763",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://ftp.digium.com/pub/asa/ASA-2007-015.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://ftp.digium.com/pub/asa/ASA-2007-015.pdf"
                },
                {
                  "name": "26099",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26099"
                },
                {
                  "name": "24950",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24950"
                },
                {
                  "name": "1018407",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018407"
                },
                {
                  "name": "GLSA-200802-11",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
                },
                {
                  "name": "29051",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29051"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=185713",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
                },
                {
                  "name": "ADV-2007-2563",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2563"
                },
                {
                  "name": "DSA-1358",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2007/dsa-1358"
                },
                {
                  "name": "SUSE-SR:2007:015",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3763",
        "datePublished": "2007-07-18T17:00:00.000Z",
        "dateReserved": "2007-07-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:52.493Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3764 (GCVE-0-2007-3764)

    Vulnerability from nvd – Published: 2007-07-18 17:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a certain data length value in a crafted packet, which results in an "overly large memcpy."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/26099 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/24950 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1018407 vdb-entryx_refsource_SECTRACK
    http://security.gentoo.org/glsa/glsa-200802-11.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/29051 third-party-advisoryx_refsource_SECUNIA
    http://bugs.gentoo.org/show_bug.cgi?id=185713 x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/2563 vdb-entryx_refsource_VUPEN
    http://ftp.digium.com/pub/asa/ASA-2007-016.pdf x_refsource_CONFIRM
    http://www.debian.org/security/2007/dsa-1358 vendor-advisoryx_refsource_DEBIAN
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    Date Public
    2007-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:52.239Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "26099",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26099"
              },
              {
                "name": "24950",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24950"
              },
              {
                "name": "1018407",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018407"
              },
              {
                "name": "GLSA-200802-11",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
              },
              {
                "name": "29051",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29051"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
              },
              {
                "name": "asterisk-skinny-driver-dos(35478)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35478"
              },
              {
                "name": "ADV-2007-2563",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2563"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://ftp.digium.com/pub/asa/ASA-2007-016.pdf"
              },
              {
                "name": "DSA-1358",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2007/dsa-1358"
              },
              {
                "name": "SUSE-SR:2007:015",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a certain data length value in a crafted packet, which results in an \"overly large memcpy.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "26099",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26099"
            },
            {
              "name": "24950",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24950"
            },
            {
              "name": "1018407",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018407"
            },
            {
              "name": "GLSA-200802-11",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
            },
            {
              "name": "29051",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29051"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
            },
            {
              "name": "asterisk-skinny-driver-dos(35478)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35478"
            },
            {
              "name": "ADV-2007-2563",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2563"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://ftp.digium.com/pub/asa/ASA-2007-016.pdf"
            },
            {
              "name": "DSA-1358",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2007/dsa-1358"
            },
            {
              "name": "SUSE-SR:2007:015",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3764",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a certain data length value in a crafted packet, which results in an \"overly large memcpy.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "26099",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26099"
                },
                {
                  "name": "24950",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24950"
                },
                {
                  "name": "1018407",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018407"
                },
                {
                  "name": "GLSA-200802-11",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
                },
                {
                  "name": "29051",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29051"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=185713",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
                },
                {
                  "name": "asterisk-skinny-driver-dos(35478)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35478"
                },
                {
                  "name": "ADV-2007-2563",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2563"
                },
                {
                  "name": "http://ftp.digium.com/pub/asa/ASA-2007-016.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://ftp.digium.com/pub/asa/ASA-2007-016.pdf"
                },
                {
                  "name": "DSA-1358",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2007/dsa-1358"
                },
                {
                  "name": "SUSE-SR:2007:015",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3764",
        "datePublished": "2007-07-18T17:00:00.000Z",
        "dateReserved": "2007-07-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:52.239Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3765 (GCVE-0-2007-3765)

    Vulnerability from nvd – Published: 2007-07-18 17:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/26099 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/24950 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1018407 vdb-entryx_refsource_SECTRACK
    http://ftp.digium.com/pub/asa/ASA-2007-017.pdf x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/2563 vdb-entryx_refsource_VUPEN
    Date Public
    2007-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:52.295Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "26099",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26099"
              },
              {
                "name": "24950",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24950"
              },
              {
                "name": "1018407",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018407"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://ftp.digium.com/pub/asa/ASA-2007-017.pdf"
              },
              {
                "name": "asterisk-stun-dos(35480)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35480"
              },
              {
                "name": "ADV-2007-2563",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2563"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "26099",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26099"
            },
            {
              "name": "24950",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24950"
            },
            {
              "name": "1018407",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018407"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://ftp.digium.com/pub/asa/ASA-2007-017.pdf"
            },
            {
              "name": "asterisk-stun-dos(35480)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35480"
            },
            {
              "name": "ADV-2007-2563",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2563"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3765",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "26099",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26099"
                },
                {
                  "name": "24950",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24950"
                },
                {
                  "name": "1018407",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018407"
                },
                {
                  "name": "http://ftp.digium.com/pub/asa/ASA-2007-017.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://ftp.digium.com/pub/asa/ASA-2007-017.pdf"
                },
                {
                  "name": "asterisk-stun-dos(35480)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35480"
                },
                {
                  "name": "ADV-2007-2563",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2563"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3765",
        "datePublished": "2007-07-18T17:00:00.000Z",
        "dateReserved": "2007-07-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:52.295Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3762 (GCVE-0-2007-3762)

    Vulnerability from nvd – Published: 2007-07-18 17:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/26099 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1018407 vdb-entryx_refsource_SECTRACK
    http://security.gentoo.org/glsa/glsa-200802-11.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/29051 third-party-advisoryx_refsource_SECUNIA
    http://bugs.gentoo.org/show_bug.cgi?id=185713 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/2563 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2007/dsa-1358 vendor-advisoryx_refsource_DEBIAN
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://ftp.digium.com/pub/asa/ASA-2007-014.pdf x_refsource_CONFIRM
    http://www.securityfocus.com/bid/24949 vdb-entryx_refsource_BID
    Date Public
    2007-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:52.292Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "asterisk-iax2channeldriver-bo(35466)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35466"
              },
              {
                "name": "26099",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26099"
              },
              {
                "name": "1018407",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018407"
              },
              {
                "name": "GLSA-200802-11",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
              },
              {
                "name": "29051",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29051"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
              },
              {
                "name": "ADV-2007-2563",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2563"
              },
              {
                "name": "DSA-1358",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2007/dsa-1358"
              },
              {
                "name": "SUSE-SR:2007:015",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://ftp.digium.com/pub/asa/ASA-2007-014.pdf"
              },
              {
                "name": "24949",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24949"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "asterisk-iax2channeldriver-bo(35466)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35466"
            },
            {
              "name": "26099",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26099"
            },
            {
              "name": "1018407",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018407"
            },
            {
              "name": "GLSA-200802-11",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
            },
            {
              "name": "29051",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29051"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
            },
            {
              "name": "ADV-2007-2563",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2563"
            },
            {
              "name": "DSA-1358",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2007/dsa-1358"
            },
            {
              "name": "SUSE-SR:2007:015",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://ftp.digium.com/pub/asa/ASA-2007-014.pdf"
            },
            {
              "name": "24949",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24949"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3762",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "asterisk-iax2channeldriver-bo(35466)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35466"
                },
                {
                  "name": "26099",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26099"
                },
                {
                  "name": "1018407",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018407"
                },
                {
                  "name": "GLSA-200802-11",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
                },
                {
                  "name": "29051",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29051"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=185713",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
                },
                {
                  "name": "ADV-2007-2563",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2563"
                },
                {
                  "name": "DSA-1358",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2007/dsa-1358"
                },
                {
                  "name": "SUSE-SR:2007:015",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
                },
                {
                  "name": "http://ftp.digium.com/pub/asa/ASA-2007-014.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://ftp.digium.com/pub/asa/ASA-2007-014.pdf"
                },
                {
                  "name": "24949",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24949"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3762",
        "datePublished": "2007-07-18T17:00:00.000Z",
        "dateReserved": "2007-07-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:52.292Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-0041 (GCVE-0-2009-0041)

    Vulnerability from cvelistv5 – Published: 2009-01-14 23:00 – Updated: 2024-08-07 04:17
    VLAI
    Summary
    IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://security.gentoo.org/glsa/glsa-200905-01.xml vendor-advisoryx_refsource_GENTOO
    http://www.securityfocus.com/archive/1/499884/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/33453 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/4910 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/33174 vdb-entryx_refsource_BID
    http://secunia.com/advisories/37677 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2009/dsa-1952 vendor-advisoryx_refsource_DEBIAN
    http://www.securitytracker.com/id?1021549 vdb-entryx_refsource_SECTRACK
    http://downloads.digium.com/pub/security/AST-2009… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2009/0063 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/34982 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2009-01-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:17:10.507Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "GLSA-200905-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
              },
              {
                "name": "20090108 AST-2009-001: Information leak in IAX2 authentication",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/499884/100/0/threaded"
              },
              {
                "name": "33453",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/33453"
              },
              {
                "name": "4910",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4910"
              },
              {
                "name": "33174",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/33174"
              },
              {
                "name": "37677",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37677"
              },
              {
                "name": "DSA-1952",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2009/dsa-1952"
              },
              {
                "name": "1021549",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1021549"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://downloads.digium.com/pub/security/AST-2009-001.html"
              },
              {
                "name": "ADV-2009-0063",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2009/0063"
              },
              {
                "name": "34982",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34982"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-01-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "GLSA-200905-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
            },
            {
              "name": "20090108 AST-2009-001: Information leak in IAX2 authentication",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/499884/100/0/threaded"
            },
            {
              "name": "33453",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/33453"
            },
            {
              "name": "4910",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4910"
            },
            {
              "name": "33174",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/33174"
            },
            {
              "name": "37677",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37677"
            },
            {
              "name": "DSA-1952",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1952"
            },
            {
              "name": "1021549",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1021549"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://downloads.digium.com/pub/security/AST-2009-001.html"
            },
            {
              "name": "ADV-2009-0063",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0063"
            },
            {
              "name": "34982",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34982"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-0041",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "GLSA-200905-01",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200905-01.xml"
                },
                {
                  "name": "20090108 AST-2009-001: Information leak in IAX2 authentication",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/499884/100/0/threaded"
                },
                {
                  "name": "33453",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/33453"
                },
                {
                  "name": "4910",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4910"
                },
                {
                  "name": "33174",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/33174"
                },
                {
                  "name": "37677",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37677"
                },
                {
                  "name": "DSA-1952",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2009/dsa-1952"
                },
                {
                  "name": "1021549",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1021549"
                },
                {
                  "name": "http://downloads.digium.com/pub/security/AST-2009-001.html",
                  "refsource": "CONFIRM",
                  "url": "http://downloads.digium.com/pub/security/AST-2009-001.html"
                },
                {
                  "name": "ADV-2009-0063",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2009/0063"
                },
                {
                  "name": "34982",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34982"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-0041",
        "datePublished": "2009-01-14T23:00:00.000Z",
        "dateReserved": "2009-01-06T00:00:00.000Z",
        "dateUpdated": "2024-08-07T04:17:10.507Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3763 (GCVE-0-2007-3763)

    Vulnerability from cvelistv5 – Published: 2007-07-18 17:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://ftp.digium.com/pub/asa/ASA-2007-015.pdf x_refsource_CONFIRM
    http://secunia.com/advisories/26099 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/24950 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1018407 vdb-entryx_refsource_SECTRACK
    http://security.gentoo.org/glsa/glsa-200802-11.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/29051 third-party-advisoryx_refsource_SECUNIA
    http://bugs.gentoo.org/show_bug.cgi?id=185713 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/2563 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2007/dsa-1358 vendor-advisoryx_refsource_DEBIAN
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    Date Public
    2007-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:52.493Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://ftp.digium.com/pub/asa/ASA-2007-015.pdf"
              },
              {
                "name": "26099",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26099"
              },
              {
                "name": "24950",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24950"
              },
              {
                "name": "1018407",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018407"
              },
              {
                "name": "GLSA-200802-11",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
              },
              {
                "name": "29051",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29051"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
              },
              {
                "name": "ADV-2007-2563",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2563"
              },
              {
                "name": "DSA-1358",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2007/dsa-1358"
              },
              {
                "name": "SUSE-SR:2007:015",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-07-27T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://ftp.digium.com/pub/asa/ASA-2007-015.pdf"
            },
            {
              "name": "26099",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26099"
            },
            {
              "name": "24950",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24950"
            },
            {
              "name": "1018407",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018407"
            },
            {
              "name": "GLSA-200802-11",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
            },
            {
              "name": "29051",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29051"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
            },
            {
              "name": "ADV-2007-2563",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2563"
            },
            {
              "name": "DSA-1358",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2007/dsa-1358"
            },
            {
              "name": "SUSE-SR:2007:015",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3763",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://ftp.digium.com/pub/asa/ASA-2007-015.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://ftp.digium.com/pub/asa/ASA-2007-015.pdf"
                },
                {
                  "name": "26099",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26099"
                },
                {
                  "name": "24950",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24950"
                },
                {
                  "name": "1018407",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018407"
                },
                {
                  "name": "GLSA-200802-11",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
                },
                {
                  "name": "29051",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29051"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=185713",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
                },
                {
                  "name": "ADV-2007-2563",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2563"
                },
                {
                  "name": "DSA-1358",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2007/dsa-1358"
                },
                {
                  "name": "SUSE-SR:2007:015",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3763",
        "datePublished": "2007-07-18T17:00:00.000Z",
        "dateReserved": "2007-07-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:52.493Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3764 (GCVE-0-2007-3764)

    Vulnerability from cvelistv5 – Published: 2007-07-18 17:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a certain data length value in a crafted packet, which results in an "overly large memcpy."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/26099 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/24950 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1018407 vdb-entryx_refsource_SECTRACK
    http://security.gentoo.org/glsa/glsa-200802-11.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/29051 third-party-advisoryx_refsource_SECUNIA
    http://bugs.gentoo.org/show_bug.cgi?id=185713 x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/2563 vdb-entryx_refsource_VUPEN
    http://ftp.digium.com/pub/asa/ASA-2007-016.pdf x_refsource_CONFIRM
    http://www.debian.org/security/2007/dsa-1358 vendor-advisoryx_refsource_DEBIAN
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    Date Public
    2007-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:52.239Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "26099",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26099"
              },
              {
                "name": "24950",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24950"
              },
              {
                "name": "1018407",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018407"
              },
              {
                "name": "GLSA-200802-11",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
              },
              {
                "name": "29051",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29051"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
              },
              {
                "name": "asterisk-skinny-driver-dos(35478)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35478"
              },
              {
                "name": "ADV-2007-2563",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2563"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://ftp.digium.com/pub/asa/ASA-2007-016.pdf"
              },
              {
                "name": "DSA-1358",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2007/dsa-1358"
              },
              {
                "name": "SUSE-SR:2007:015",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a certain data length value in a crafted packet, which results in an \"overly large memcpy.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "26099",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26099"
            },
            {
              "name": "24950",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24950"
            },
            {
              "name": "1018407",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018407"
            },
            {
              "name": "GLSA-200802-11",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
            },
            {
              "name": "29051",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29051"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
            },
            {
              "name": "asterisk-skinny-driver-dos(35478)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35478"
            },
            {
              "name": "ADV-2007-2563",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2563"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://ftp.digium.com/pub/asa/ASA-2007-016.pdf"
            },
            {
              "name": "DSA-1358",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2007/dsa-1358"
            },
            {
              "name": "SUSE-SR:2007:015",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3764",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a certain data length value in a crafted packet, which results in an \"overly large memcpy.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "26099",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26099"
                },
                {
                  "name": "24950",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24950"
                },
                {
                  "name": "1018407",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018407"
                },
                {
                  "name": "GLSA-200802-11",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
                },
                {
                  "name": "29051",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29051"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=185713",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
                },
                {
                  "name": "asterisk-skinny-driver-dos(35478)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35478"
                },
                {
                  "name": "ADV-2007-2563",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2563"
                },
                {
                  "name": "http://ftp.digium.com/pub/asa/ASA-2007-016.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://ftp.digium.com/pub/asa/ASA-2007-016.pdf"
                },
                {
                  "name": "DSA-1358",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2007/dsa-1358"
                },
                {
                  "name": "SUSE-SR:2007:015",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3764",
        "datePublished": "2007-07-18T17:00:00.000Z",
        "dateReserved": "2007-07-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:52.239Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3765 (GCVE-0-2007-3765)

    Vulnerability from cvelistv5 – Published: 2007-07-18 17:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/26099 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/24950 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1018407 vdb-entryx_refsource_SECTRACK
    http://ftp.digium.com/pub/asa/ASA-2007-017.pdf x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/2563 vdb-entryx_refsource_VUPEN
    Date Public
    2007-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:52.295Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "26099",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26099"
              },
              {
                "name": "24950",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24950"
              },
              {
                "name": "1018407",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018407"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://ftp.digium.com/pub/asa/ASA-2007-017.pdf"
              },
              {
                "name": "asterisk-stun-dos(35480)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35480"
              },
              {
                "name": "ADV-2007-2563",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2563"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "26099",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26099"
            },
            {
              "name": "24950",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24950"
            },
            {
              "name": "1018407",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018407"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://ftp.digium.com/pub/asa/ASA-2007-017.pdf"
            },
            {
              "name": "asterisk-stun-dos(35480)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35480"
            },
            {
              "name": "ADV-2007-2563",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2563"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3765",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted STUN length attribute in a STUN packet sent on an RTP port."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "26099",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26099"
                },
                {
                  "name": "24950",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24950"
                },
                {
                  "name": "1018407",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018407"
                },
                {
                  "name": "http://ftp.digium.com/pub/asa/ASA-2007-017.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://ftp.digium.com/pub/asa/ASA-2007-017.pdf"
                },
                {
                  "name": "asterisk-stun-dos(35480)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35480"
                },
                {
                  "name": "ADV-2007-2563",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2563"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3765",
        "datePublished": "2007-07-18T17:00:00.000Z",
        "dateReserved": "2007-07-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:52.295Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3762 (GCVE-0-2007-3762)

    Vulnerability from cvelistv5 – Published: 2007-07-18 17:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/26099 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1018407 vdb-entryx_refsource_SECTRACK
    http://security.gentoo.org/glsa/glsa-200802-11.xml vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/29051 third-party-advisoryx_refsource_SECUNIA
    http://bugs.gentoo.org/show_bug.cgi?id=185713 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/2563 vdb-entryx_refsource_VUPEN
    http://www.debian.org/security/2007/dsa-1358 vendor-advisoryx_refsource_DEBIAN
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://ftp.digium.com/pub/asa/ASA-2007-014.pdf x_refsource_CONFIRM
    http://www.securityfocus.com/bid/24949 vdb-entryx_refsource_BID
    Date Public
    2007-07-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:52.292Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "asterisk-iax2channeldriver-bo(35466)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35466"
              },
              {
                "name": "26099",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26099"
              },
              {
                "name": "1018407",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018407"
              },
              {
                "name": "GLSA-200802-11",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
              },
              {
                "name": "29051",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29051"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
              },
              {
                "name": "ADV-2007-2563",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2563"
              },
              {
                "name": "DSA-1358",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2007/dsa-1358"
              },
              {
                "name": "SUSE-SR:2007:015",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://ftp.digium.com/pub/asa/ASA-2007-014.pdf"
              },
              {
                "name": "24949",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24949"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "asterisk-iax2channeldriver-bo(35466)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35466"
            },
            {
              "name": "26099",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26099"
            },
            {
              "name": "1018407",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018407"
            },
            {
              "name": "GLSA-200802-11",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
            },
            {
              "name": "29051",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29051"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
            },
            {
              "name": "ADV-2007-2563",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2563"
            },
            {
              "name": "DSA-1358",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2007/dsa-1358"
            },
            {
              "name": "SUSE-SR:2007:015",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://ftp.digium.com/pub/asa/ASA-2007-014.pdf"
            },
            {
              "name": "24949",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24949"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3762",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a long (1) voice or (2) video RTP frame."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "asterisk-iax2channeldriver-bo(35466)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35466"
                },
                {
                  "name": "26099",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26099"
                },
                {
                  "name": "1018407",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018407"
                },
                {
                  "name": "GLSA-200802-11",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200802-11.xml"
                },
                {
                  "name": "29051",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29051"
                },
                {
                  "name": "http://bugs.gentoo.org/show_bug.cgi?id=185713",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.gentoo.org/show_bug.cgi?id=185713"
                },
                {
                  "name": "ADV-2007-2563",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2563"
                },
                {
                  "name": "DSA-1358",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2007/dsa-1358"
                },
                {
                  "name": "SUSE-SR:2007:015",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
                },
                {
                  "name": "http://ftp.digium.com/pub/asa/ASA-2007-014.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://ftp.digium.com/pub/asa/ASA-2007-014.pdf"
                },
                {
                  "name": "24949",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24949"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3762",
        "datePublished": "2007-07-18T17:00:00.000Z",
        "dateReserved": "2007-07-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:52.292Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }