Описание
Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by (1) the ast_verbose logging API call, or (2) the astman_append function.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 1:1.4.17~dfsg-2ubuntu1 |
| edgy | ignored | end of life, was needed |
| feisty | ignored | end of life, was needed |
| gutsy | ignored | end of life, was needed |
| hardy | released | 1:1.4.17~dfsg-2ubuntu1 |
| intrepid | released | 1:1.4.17~dfsg-2ubuntu1 |
| jaunty | released | 1:1.4.17~dfsg-2ubuntu1 |
| karmic | released | 1:1.4.17~dfsg-2ubuntu1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by (1) the ast_verbose logging API call, or (2) the astman_append function.
Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0 ...
Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by (1) the ast_verbose logging API call, or (2) the astman_append function.
EPSS
5.8 Medium
CVSS2