CVE-2008-5558
Published Dec 17, 2008
Last updated 6 years ago
Overview
- Description
- Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-287
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FCD865F-BC39-4255-A797-6E5945773337"
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB3C2CF4-4A4B-4398-92DC-EAE43801D08A"
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4956871-4DD3-4299-8BEB-9D98A4449A42"
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F796D547-034A-46FB-B245-3863C198AA84"
},
{
"criteria": "cpe:2.3:a:asterisk:asterisk_business_edition:b.2.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F04F844-79C4-41F3-9671-8B46460D0AAE"
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9562112-2505-4F78-86DE-F30EFAEE47D5"
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26:netsec:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9EEA1E9C-C1FB-4EFD-86EA-DCF78C57FC35"
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A6D8FD0-C8C1-4868-9AF1-96B1949C18AE"
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.1:netsec:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E20FAF7-9031-478E-A89C-D6FB3B5FDE3A"
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72A840B4-216B-4063-997F-791FBC8C8658"
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.26.2:netsec:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72375576-F857-4585-A677-A326D89A65B5"
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.27:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BE47A547-26E7-48F9-B0A6-2F65E04A1EDE"
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.28:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1AEB744-FCF2-4A41-8866-9D1D20E6C6B8"
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.29:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51E5EB34-30AD-4E81-8BD4-4AB905E52B82"
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4359322B-08D0-4710-A9C3-54BD4A17B800"
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78F84DF4-DBA7-430C-AF17-F52024EF80D7"
},
{
"criteria": "cpe:2.3:a:asterisk:open_source:1.2.30.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34266614-3588-485C-A609-37823F8499AC"
}
],
"operator": "OR"
}
]
}
]