CVE-2008-2543

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2008-2543
The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and Asterisk-Addons 1.4.x before 1.4.7 creates a remotely accessible TCP port that is intended solely for localhost communication, and interprets some TCP application-data fields as addresses of memory to free, which allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://downloads.digium.com/pub/security/AST-2008-009.html
http://secunia.com/advisories/30555
http://securitytracker.com/id?1020202
http://www.securityfocus.com/archive/1/493122/100/0/threaded
http://www.securityfocus.com/archive/1/493144/100/0/threaded
http://www.securityfocus.com/bid/29567
http://www.vupen.com/english/advisories/2008/1747/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42869
http://downloads.digium.com/pub/security/AST-2008-009.html
http://secunia.com/advisories/30555
http://securitytracker.com/id?1020202
http://www.securityfocus.com/archive/1/493122/100/0/threaded
http://www.securityfocus.com/archive/1/493144/100/0/threaded
http://www.securityfocus.com/bid/29567
http://www.vupen.com/english/advisories/2008/1747/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42869
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:asterisk:asterisk-addons:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk-addons:1.4.6:*:*:*:*:*:*:*
History

21 Nov 2024, 00:47

Type Values Removed Values Added
References () http://downloads.digium.com/pub/security/AST-2008-009.html - () http://downloads.digium.com/pub/security/AST-2008-009.html -
References () http://secunia.com/advisories/30555 - () http://secunia.com/advisories/30555 -
References () http://securitytracker.com/id?1020202 - () http://securitytracker.com/id?1020202 -
References () http://www.securityfocus.com/archive/1/493122/100/0/threaded - () http://www.securityfocus.com/archive/1/493122/100/0/threaded -
References () http://www.securityfocus.com/archive/1/493144/100/0/threaded - () http://www.securityfocus.com/archive/1/493144/100/0/threaded -
References () http://www.securityfocus.com/bid/29567 - () http://www.securityfocus.com/bid/29567 -
References () http://www.vupen.com/english/advisories/2008/1747/references - () http://www.vupen.com/english/advisories/2008/1747/references -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/42869 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/42869 -
Information

Published : 2008-06-05 20:32

Updated : 2024-11-21 00:47

NVD link : CVE-2008-2543

Mitre link : CVE-2008-2543

CVE.ORG link : CVE-2008-2543

JSON object : View

Products Affected

asterisk

  • asterisk-addons
CWE
CWE-399

Resource Management Errors


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024