FKIE_CVE-2011-0495

Vulnerability from fkie_nvd - Published: 2011-01-20 19:00 - Updated: 2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary code via crafted caller ID data in vectors involving the (1) SIP channel driver, (2) URIENCODE dialplan function, or (3) AGI dialplan function.
References
cve@mitre.orghttp://downloads.asterisk.org/pub/security/AST-2011-001-1.6.2.diffPatch, Vendor Advisory
cve@mitre.orghttp://downloads.asterisk.org/pub/security/AST-2011-001.htmlVendor Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2011-February/053689.htmlThird Party Advisory
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2011-February/053713.htmlThird Party Advisory
cve@mitre.orghttp://osvdb.org/70518Broken Link
cve@mitre.orghttp://secunia.com/advisories/42935Third Party Advisory
cve@mitre.orghttp://secunia.com/advisories/43119Third Party Advisory
cve@mitre.orghttp://secunia.com/advisories/43373Third Party Advisory
cve@mitre.orghttp://www.debian.org/security/2011/dsa-2171Third Party Advisory
cve@mitre.orghttp://www.securityfocus.com/archive/1/515781/100/0/threadedThird Party Advisory, VDB Entry
cve@mitre.orghttp://www.securityfocus.com/bid/45839Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.vupen.com/english/advisories/2011/0159Permissions Required
cve@mitre.orghttp://www.vupen.com/english/advisories/2011/0281Permissions Required
cve@mitre.orghttp://www.vupen.com/english/advisories/2011/0449Permissions Required
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/64831Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://downloads.asterisk.org/pub/security/AST-2011-001-1.6.2.diffPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://downloads.asterisk.org/pub/security/AST-2011-001.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053689.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053713.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/70518Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42935Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43119Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43373Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2011/dsa-2171Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/515781/100/0/threadedThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/45839Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0159Permissions Required
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0281Permissions Required
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0449Permissions Required
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/64831Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
digium asterisk *
digium asterisk *
digium asterisk *
digium asterisk *
digium asterisk *
digium asterisk *
digium asterisk *
digium asterisk *
digium asterisk *
digium asterisknow 1.5
fedoraproject fedora 13
fedoraproject fedora 14
debian debian_linux 6.0
digium s800i_firmware 1.2.0
digium s800i -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:business:*:*:*",
              "matchCriteriaId": "FA6C77B1-85FF-47C1-8E1F-CABFF1DEA5FE",
              "versionEndExcluding": "c.3.6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF68F51-2011-4CEE-A4EA-49A59E440BAA",
              "versionEndIncluding": "1.2.40",
              "versionStartIncluding": "1.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0CCB255-0F1A-4FBE-A04D-A9560D3DF3BE",
              "versionEndExcluding": "1.4.38.1",
              "versionStartIncluding": "1.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3CEB89D-1D84-4B8E-B476-E00726752766",
              "versionEndExcluding": "1.4.39.1",
              "versionStartIncluding": "1.4.39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0F92DAC-5736-49A6-9C52-2330BC4B724B",
              "versionEndExcluding": "1.6.1.21",
              "versionStartIncluding": "1.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71755241-9AF8-43EE-BD9F-9FF4DFD808D4",
              "versionEndExcluding": "1.6.2.15.1",
              "versionStartIncluding": "1.6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "007C363A-CBC6-4A05-BD3E-74A5A530B281",
              "versionEndExcluding": "1.6.2.16.1",
              "versionStartIncluding": "1.6.2.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35488043-2E09-4286-A178-4A25AA5C364F",
              "versionEndExcluding": "1.8.1.2",
              "versionStartIncluding": "1.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AADFA817-D1C7-49D2-AE6D-55493145BAFF",
              "versionEndExcluding": "1.8.2.2",
              "versionStartIncluding": "1.8.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:digium:asterisknow:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF81215F-0DD3-48FC-BA1C-19E42FCD47B5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D59BD0-43DE-4E58-A057-640AB98359A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDE52846-24EC-4068-B788-EC7F915FFF11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:digium:s800i_firmware:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AA18EB6-92D5-4B01-A4BC-2B7177D28C40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:digium:s800i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15C35F93-0E57-4AEB-AA5F-4EDFAE753451",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary code via crafted caller ID data in vectors involving the (1) SIP channel driver, (2) URIENCODE dialplan function, or (3) AGI dialplan function."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n ast_uri_encode, en main/utils.c, en Asterisk Open Source before v.1.4.38.1, v.1.4.39.1, v.1.6.1.21, v.1.6.2.15.1, v.1.6.2.16.1, v.1.8.1.2, v.1.8.2.; y Business Edition before v.C.3.6.2; cuando se ejecuta en modo \"pedantic\" permite a usuarios autenticados ejectuar c\u00f3digo de su elecci\u00f3n manipulados con el dato llamador ID en vectores que involucran el (1) el driver del SIP, (2) la funci\u00f3n URIENCODE dialplan, o la funci\u00f3n AGI dialplan."
    }
  ],
  "id": "CVE-2011-0495",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-01-20T19:00:08.600",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://downloads.asterisk.org/pub/security/AST-2011-001-1.6.2.diff"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://downloads.asterisk.org/pub/security/AST-2011-001.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053689.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053713.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/70518"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/42935"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/43119"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/43373"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2011/dsa-2171"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/515781/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/45839"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0159"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0281"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0449"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64831"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://downloads.asterisk.org/pub/security/AST-2011-001-1.6.2.diff"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://downloads.asterisk.org/pub/security/AST-2011-001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053689.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053713.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/70518"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/42935"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/43119"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/43373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2011/dsa-2171"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/515781/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/45839"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0281"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0449"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64831"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.