CVE-2010-1224 (GCVE-0-2010-1224)

Vulnerability from cvelistv5 – Published: 2010-04-01 21:00 – Updated: 2024-08-07 01:14
VLAI?
Summary
main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow remote attackers to bypass ACL rules and access services from unauthorized hosts.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:14:06.690Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20100225 AST-2010-003: Invalid parsing of ACL rules can compromise security",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/509757/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://downloads.asterisk.org/pub/security/AST-2010-003.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.2.diff"
          },
          {
            "name": "39096",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39096"
          },
          {
            "name": "FEDORA-2010-3724",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037679.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.0.diff"
          },
          {
            "name": "ADV-2010-0475",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0475"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.1.diff"
          },
          {
            "name": "62588",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/62588"
          },
          {
            "name": "asterisk-cidr-security-bypass(56552)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56552"
          },
          {
            "name": "38424",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38424"
          },
          {
            "name": "38752",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38752"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation \"/0\" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow remote attackers to bypass ACL rules and access services from unauthorized hosts."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20100225 AST-2010-003: Invalid parsing of ACL rules can compromise security",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/509757/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://downloads.asterisk.org/pub/security/AST-2010-003.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.2.diff"
        },
        {
          "name": "39096",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39096"
        },
        {
          "name": "FEDORA-2010-3724",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037679.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.0.diff"
        },
        {
          "name": "ADV-2010-0475",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0475"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.1.diff"
        },
        {
          "name": "62588",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/62588"
        },
        {
          "name": "asterisk-cidr-security-bypass(56552)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56552"
        },
        {
          "name": "38424",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38424"
        },
        {
          "name": "38752",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38752"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-1224",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation \"/0\" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow remote attackers to bypass ACL rules and access services from unauthorized hosts."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20100225 AST-2010-003: Invalid parsing of ACL rules can compromise security",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/509757/100/0/threaded"
            },
            {
              "name": "http://downloads.asterisk.org/pub/security/AST-2010-003.html",
              "refsource": "CONFIRM",
              "url": "http://downloads.asterisk.org/pub/security/AST-2010-003.html"
            },
            {
              "name": "http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.2.diff",
              "refsource": "CONFIRM",
              "url": "http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.2.diff"
            },
            {
              "name": "39096",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/39096"
            },
            {
              "name": "FEDORA-2010-3724",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037679.html"
            },
            {
              "name": "http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.0.diff",
              "refsource": "CONFIRM",
              "url": "http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.0.diff"
            },
            {
              "name": "ADV-2010-0475",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0475"
            },
            {
              "name": "http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.1.diff",
              "refsource": "CONFIRM",
              "url": "http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.1.diff"
            },
            {
              "name": "62588",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/62588"
            },
            {
              "name": "asterisk-cidr-security-bypass(56552)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56552"
            },
            {
              "name": "38424",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38424"
            },
            {
              "name": "38752",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38752"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-1224",
    "datePublished": "2010-04-01T21:00:00",
    "dateReserved": "2010-04-01T00:00:00",
    "dateUpdated": "2024-08-07T01:14:06.690Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-1224\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2010-04-01T21:30:00.420\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation \\\"/0\\\" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow remote attackers to bypass ACL rules and access services from unauthorized hosts.\"},{\"lang\":\"es\",\"value\":\"main/acl.c en Asterisk Open Source 1.6.0.x en versiones anteriores a la 1.6.0.25, 1.6.1.x en versiones anteriores a la 1.6.1.17 y 1.6.2.x en versiones anteriores a la 1.6.2.5 no aplica de manera apropiada los controles de acceso de host remoto cuando la notaci\u00f3n CIDR \\\"/ 0\\\" es usada en reglas de configuraci\u00f3n \\\"permit=\\\" y \\\"deny=\\\", lo que provoca un desplazamiento aritm\u00e9tico incorrecto y podr\u00eda permitir a atacantes remotos eludir las reglas ACL y tener acceso a servicios desde hosts no autorizados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8374B5D-DE7A-4C3C-A5FE-579B17006A54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4225252F-5960-4A42-A575-00C125860E89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A65D76A8-BBDD-4BDE-B789-D745C400DCBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8B0F5A5-4252-4A9C-B830-2419E87AE5A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E8EF2D7-371B-4268-989E-25225CC1F7B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABAC4CE9-1CFA-4279-B0CE-18F3C6FB9AB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E16E37A0-F739-4EEE-A1BB-EBC558C62767\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF0E2562-D0FC-404C-B725-617AEEF20AB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C831EC2A-C99D-4FB1-8E5C-2FF685792F2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F37C4158-6C4E-448D-929B-288480748289\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FBC113E-6304-4605-B024-D6D7A264DC9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC3FCBAE-2A39-482A-ADF9-870DF63F89D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57325096-F4D8-4146-A6FD-93219F2C72D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"648639A2-26C4-4EDA-A982-25D400836696\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.16:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"37DE011D-1C1B-46AC-9265-F82693CE3C9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.16:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"790BF14A-0193-4A5C-802B-D82200B22342\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D552F2D3-EB70-413E-8C4F-DD3283434C7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15C4C10F-BD36-491A-87E7-2F072796DA33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.18:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"929EAA61-BA69-4F36-A5E9-B8F066405384\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.18:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E60A7436-AFDB-4540-BD4B-01F25BDFBA3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.18:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A1CCA12-CCF2-46F5-BBDD-AAC0C1E8C5FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB1D4D06-9D83-495F-98BC-0B6E1C3566B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.20:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D8A87FD-EB9C-4D65-824A-159C206F28FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55585411-9272-4ED6-962C-B27EBAE11C76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.21:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF7BDB9D-403D-4BC4-83FA-AD39EF131714\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F74046A-9B96-4EE7-AC14-F2A1FBDF65E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.23:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"512545F1-F007-43D7-AAE9-8120BC5821D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"339BEF35-835E-4B06-B9B4-C2DF26A7B3B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBFF2686-0F5C-4F20-AA93-6B63C5ADCD82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"759221D5-FC37-446D-9628-233B8D0B9120\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F82D4812-0429-42D4-BD27-C76CB9E7C368\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D1FBCC8-4637-4A67-BFFD-C052C3C03C12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7307E10-9FA5-4940-B837-7936384F61DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBBD0747-F3FF-46D8-A3C4-8268E37BC5AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.7:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F759F27-008E-47FB-AC0A-EF11DA19918E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.7:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D15C82BA-BD1F-4A19-A907-E6C30042F537\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E802481-C8BD-4218-8CDC-5DB112DA946C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6FC8A53-E3C0-4660-BE75-2B5B8B4F8160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93C020CD-D0EA-4B3E-B33C-F900B08B28FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.10:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0004AADE-1652-4242-A97D-E9818FE03CCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.10:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"543E9C91-60FE-43AE-9B94-08DD730BA814\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.10:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"252849FA-F46E-4F5A-A488-AA53574CA884\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EB89B4F-9546-4DF0-B69F-1B9F289BB1E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E254415-1D59-4A77-80FB-AE3EF10FBB32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF2407D0-C324-45C4-9FBB-4294F747DBDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F23A36CC-9AA2-4559-946D-6D0621664342\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.13:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"89C40652-E180-416A-B88A-E6313530E98A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A28C2C5D-A573-4036-A600-BE28A3E417B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.15:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE162390-359F-4C5D-902B-275FB1FC3EF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.1.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A0A3750-0D34-4FB5-B897-17CA0D0B7CE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F8B700A-FACB-4BC8-9DF2-972DC63D852B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFD31B9B-2F43-4637-BE56-47A807384BF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6450D6B-C907-49E6-9788-E4029C09285F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDB0432E-024A-4C0C-87FF-448E513D2834\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6A6A343-FEA2-49E5-9858-455AE3B29470\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.0:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"D57B94E3-EA37-466C-ADC4-5180D4502FDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.0:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"64D35A89-6B21-4770-AA0F-424C5C91A254\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.0:rc8:*:*:*:*:*:*\",\"matchCriteriaId\":\"14817302-A34A-4980-B148-AEB4B3B49BE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61FDFA96-E62A-413B-9846-F51F1F7349EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.1:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA924386-49F6-4371-B975-B1473EEA12F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B74A1B99-8901-4690-B994-1DAD3EFA5ABB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.3:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4253C7DD-3588-4B35-B96D-C027133BE93F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digium:asterisk:1.6.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24AE11DB-16D3-42BF-BC64-E8982107D35B\"}]}]}],\"references\":[{\"url\":\"http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.0.diff\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.1.diff\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.2.diff\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://downloads.asterisk.org/pub/security/AST-2010-003.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037679.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/62588\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/38752\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/39096\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/509757/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/38424\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0475\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56552\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.0.diff\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.1.diff\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://downloads.asterisk.org/pub/security/AST-2010-003-1.6.2.diff\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://downloads.asterisk.org/pub/security/AST-2010-003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037679.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/62588\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/38752\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/39096\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/509757/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/38424\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0475\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56552\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.