Denial of Service Vulnerability in Asterisk Firmware Download Implementation
CVE-2008-3264

Currently unrated

Key Information:

Vendor

Asterisk

Status
Asterisk Appliance Developer Kit
Asterisk Business Edition
Asterisknow
Open Source
Vendor
CVE Published:
24 July 2008

What is CVE-2008-3264?

The FWDOWNL firmware-download process in Asterisk Open Source versions prior to 1.2.30 and 1.4.21.2, along with certain Business Edition products, is susceptible to a remote denial of service attack. Attackers can exploit this vulnerability by sending specially crafted IAX2 FWDOWNL requests, leading to traffic amplification and subsequent denial of service conditions for affected systems. Proper security measures and patches should be applied to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id?1020536
vdb-entryx_refsource_SECTRACK
http://security.gentoo.org/glsa/glsa-200905-01.xml
vendor-advisoryx_refsource_GENTOO
http://secunia.com/advisories/31194
third-party-advisoryx_refsource_SECUNIA

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.