CVE-2006-5444

Published Oct 23, 2006

Last updated 6 years ago

CVSS info 7.5

Overview

Description: Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c) in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads to a heap-based buffer overflow.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Evaluator

Comment: -
Impact: -
Solution: -

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:digium:asterisk:0.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C08E661-23D9-437F-844F-6BE8183CF3CA"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:0.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D030C12-C2C6-4714-B776-2EF7ECF1A591"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:0.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE5A8210-2E7C-465C-9751-CB362AADC224"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:0.1.9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82621C2B-B5F0-4E70-A619-0213005DADB6"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9750B74B-F766-4869-880B-4E5E41D90533"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33DCA1D9-0D47-4F0A-A78F-F85FADE0C9B4"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACC453F5-C46A-45E9-B7DE-3C5BF752F305"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23472323-E37F-4946-A0D6-DB7FB96E9388"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:0.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16FC9C13-ADDD-4F09-B977-EE0DEF598B1B"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:0.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C20296F-F70A-4D3C-A062-B6054617841C"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB7FF734-C669-4944-B813-2B18C206D5C1"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "120823D3-72A0-41A2-8BEB-984B3FC5E4A9"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46C60C04-EF59-4F5C-96E5-A6E693EA9A06"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3636BB44-DF4D-40AB-8EBB-1EC5D911E4A2"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3B3C254-29D9-4911-89A9-AC0CD9EB13F0"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D8679FD-B2E5-46F6-B20C-F109B9706C63"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E951589C-CF17-49C7-B12E-303AD07800E3"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C619138A-557F-419E-9832-D0FB0E9042C9"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6656EA0-4D4F-4251-A30F-48375C5CE3E0"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AAD9104-BA4A-478F-9B56-195E0F9A7DF5"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F06C361-D7DF-474B-A835-BA8886C11A80"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "175954A5-E712-41B8-BC11-4F999343063D"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.2.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DF9E41E-8FE6-4396-A5D4-D4568600FE03"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.2.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4457486F-E9B4-46B8-A05D-3B32F8B639A4"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.2_beta1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61FAB63F-B9F8-4D39-AEE9-BC0E54BAA944"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:1.2_beta2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BC20315-40B5-4DA1-AC49-E911C03AEA6B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References