Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-0041

Опубликовано: 14 янв. 2009
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5

Описание

IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.

РелизСтатусПримечание
dapper

ignored

end of life
devel

not-affected

1:1.6.2.0~dfsg~beta4-0ubuntu2
gutsy

ignored

end of life, was needed
hardy

released

1:1.4.17~dfsg-2ubuntu1.1
intrepid

ignored

end of life, was needed
jaunty

ignored

end of life
karmic

not-affected

1:1.6.2.0~dfsg~beta4-0ubuntu2
lucid

not-affected

1:1.6.2.0~dfsg~beta4-0ubuntu2
maverick

not-affected

1:1.6.2.0~dfsg~beta4-0ubuntu2
upstream

released

1.4.23-rc4

Показывать по

Ссылки на источники

EPSS

Процентиль: 74%
0.0086
Низкий

5 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-0041

redhat
почти 17 лет назад

IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.

nvd логотип

CVE-2009-0041

nvd
почти 17 лет назад

IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.

debian логотип

CVE-2009-0041

debian
почти 17 лет назад

IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23- ...

github логотип

GHSA-94hf-42cp-33m4

github
больше 3 лет назад

IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.

EPSS

Процентиль: 74%
0.0086
Низкий

5 Medium

CVSS2