Upstream information
Description
Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x before 1.0.2; Appliance Developer Kit before 1.4 revision 109393; and s800i 1.0.x before 1.1.0.2; allows remote attackers to access the SIP channel driver via a crafted From header.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 8.8 |
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:N |
| Access Vector | Network |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality Impact | Complete |
| Integrity Impact | Complete |
| Availability Impact | None |
SUSE Security Advisories:
- SUSE-SR:2008:010, published Fri, 25 Apr 2008 15:00:00 +0000
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 03:17:12 2013CVE page last modified: Fri Dec 8 16:25:28 2023