Information on source package asterisk

Available versions

ReleaseVersion
squeeze, squeeze1:1.6.2.9-2+squeeze5
wheezy, sid1:1.8.11.1~dfsg-1

Open issues

Open unimportant issues

BugDescription
CVE-2011-2666The default configuration of the SIP channel driver in Asterisk Open ...
CVE-2012-1184Asterisk: Stack Buffer Overflow in HTTP Manager

Resolved issues

BugDescription
CVE-2003-0761Buffer overflow in the get_msg_text of chan_sip.c in the Session ...
CVE-2003-0779SQL injection vulnerability in the Call Detail Record (CDR) logging ...
CVE-2005-2081Stack-based buffer overflow in the function that parses commands in ...
CVE-2005-3559Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 ...
CVE-2006-1827Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and ...
CVE-2006-2898The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 ...
CVE-2006-4345Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in ...
CVE-2006-4346Asterisk 1.2.10 supports the use of client-controlled variables to ...
CVE-2006-5444Integer overflow in the get_input function in the Skinny channel ...
CVE-2006-5445Unspecified vulnerability in the SIP channel driver ...
CVE-2007-1306Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote ...
CVE-2007-1561The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 ...
CVE-2007-1595The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk ...
CVE-2007-2293Multiple stack-based buffer overflows in the process_sdp function in ...
CVE-2007-2294The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 ...
CVE-2007-2297The SIP channel driver (chan_sip) in Asterisk before 1.2.18 and 1.4.x ...
CVE-2007-2383The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data ...
CVE-2007-2488The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does ...
CVE-2007-3762Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in ...
CVE-2007-3763The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and ...
CVE-2007-3764The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and ...
CVE-2007-3765The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW ...
CVE-2007-4103The IAX2 channel driver (chan_iax2) in Asterisk Open 1.2.x before ...
CVE-2007-4280The Skinny channel driver (chan_skinny) in Asterisk Open Source before ...
CVE-2007-4455The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before ...
CVE-2007-4521Asterisk Open Source 1.4.5 through 1.4.11, when configured to use an ...
CVE-2007-5358Multiple buffer overflows in the voicemail functionality in Asterisk ...
CVE-2007-6170SQL injection vulnerability in the Call Detail Record Postgres logging ...
CVE-2007-6171SQL injection vulnerability in the Postgres Realtime Engine ...
CVE-2007-6430Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and ...
CVE-2008-0095The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, ...
CVE-2008-1289Multiple buffer overflows in Asterisk Open Source 1.4.x before ...
CVE-2008-1332Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, ...
CVE-2008-1333Format string vulnerability in Asterisk Open Source 1.6.x before ...
CVE-2008-1390The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before ...
CVE-2008-1897The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, ...
CVE-2008-1923The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision ...
CVE-2008-2119Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business ...
CVE-2008-3263The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x ...
CVE-2008-3264The FWDOWNL firmware-download implementation in Asterisk Open Source ...
CVE-2008-3903Asterisk Open Source 1.2.x before 1.2.32, 1.4.x before 1.4.24.1, and ...
CVE-2008-5558Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition ...
CVE-2008-7220Unspecified vulnerability in Prototype JavaScript framework ...
CVE-2009-0041IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before ...
CVE-2009-0871The SIP channel driver in Asterisk Open Source 1.4.22, 1.4.23, and ...
CVE-2009-2346The IAX2 protocol implementation in Asterisk Open Source 1.2.x before ...
CVE-2009-2651main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote ...
CVE-2009-2726The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, ...
CVE-2009-3723Unauthorized calls allowed on prohibited networks in asterisk
CVE-2009-3727Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, ...
CVE-2009-4055rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before ...
CVE-2010-0441Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, ...
CVE-2010-0685The design of the dialplan functionality in Asterisk Open Source ...
CVE-2010-1224main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x ...
CVE-2011-0495Stack-based buffer overflow in the ast_uri_encode function in ...
CVE-2011-1147Multiple stack-based and heap-based buffer overflows in the (1) ...
CVE-2011-1174manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 1.6.2.x ...
CVE-2011-1175tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before ...
CVE-2011-1507Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, ...
CVE-2011-1599manager.c in the Manager Interface in Asterisk Open Source 1.4.x ...
CVE-2011-2216reqresp_parser.c in the SIP channel driver in Asterisk Open Source ...
CVE-2011-2529chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x ...
CVE-2011-2535chan_iax2.c in the IAX2 channel driver in Asterisk Open Source 1.4.x ...
CVE-2011-2536chan_sip.c in the SIP channel driver in Asterisk Open Source 1.4.x ...
CVE-2011-2665reqresp_parser.c in the SIP channel driver in Asterisk Open Source ...
CVE-2011-4063chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x ...
CVE-2011-4597The SIP over UDP implementation in Asterisk Open Source 1.4.x before ...
CVE-2011-4598channels/chan_sip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 ...
CVE-2012-0885chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x ...
CVE-2012-1183Asterisk: Remote Crash Vulnerability in Milliwatt Application
CVE-2012-2414main/manager.c in the Manager Interface in Asterisk Open Source ...
CVE-2012-2415Heap-based buffer overflow in chan_skinny.c in the Skinny channel ...
CVE-2012-2416chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x ...

Security announcements

DSADescription
DSA-2460-1asterisk - several
DSA-2367-1asterisk - several
DSA-2367-1asterisk - several
DSA-2276-2asterisk - multiple issues
DSA-2276-2asterisk - multiple issues
DSA-2276-1asterisk - multiple issues
DSA-2276-1asterisk - multiple issues
DSA-2225-1asterisk - several
DSA-2225-1asterisk - several
DSA-2171-1asterisk - buffer overflow
DSA-2171-1asterisk - buffer overflow
DSA-1952-1asterisk - several vulnerabilities
DSA-1563-1asterisk - denial of service
DSA-1525-1asterisk
DSA-1417-1asterisk - SQL injection
DSA-1417-1asterisk - SQL injection
DSA-1358-1asterisk
DSA-1358-1asterisk
DSA-1229-1asterisk
DSA-1126asterisk - several
DSA-1048-1asterisk - several vulnerabilities
DSA-1048-1asterisk - several vulnerabilities
Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)