Authentication Bypass in Asterisk Open Source and Business Edition
CVE-2007-6430

Currently unrated

Key Information:

Vendor

Asterisk

Status
Asterisk Business Edition
Open Source
Vendor
CVE Published:
20 December 2007

What is CVE-2007-6430?

A vulnerability exists in certain versions of Asterisk Open Source and Business Edition, allowing remote attackers to bypass authentication. When using database-based registrations and host-based authentication, the system fails to validate the IP address during the authentication process if a valid username is provided without a password. This oversight enables unauthorized access, potentially compromising the system's security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/28149
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29782
third-party-advisoryx_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200804-13.xml
vendor-advisoryx_refsource_GENTOO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.