Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2011-1507

EPSS 0.15% · P35
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-1507

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 do not restrict the number of unauthenticated sessions to certain interfaces, which allows remote attackers to cause a denial of service (file descriptor exhaustion and disk space exhaustion) via a series of TCP connections.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Digium Asterisk安全绕过和拒绝服务漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Digium Asterisk是美国Digium公司的一套开源的电话交换机(PBX)系统软件。该软件支持语音信箱、多方语音会议、交互式语音应答(IVR)等。 Asterisk Open Source 1.4.40.1之前版本,1.6.1.25,1.6.2.17.3和1.8.3.3版本以及Asterisk Business Edition C.3.6.4之前版本中存在安全绕过和拒绝服务漏洞。 (1)应用程序没有正确限制同步TCP连接的数量。远程攻击者可利用此漏洞消耗所有可利用文件的描述符,并从处理新的调用中
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2011-1507

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2011-1507

登录查看更多情报信息。

Same Patch Batch · n/a · 2011-04-27 · 26 CVEs total

CVE-2010-4798OrangeHRM index.php 'uri'目录遍历漏洞
CVE-2011-1725HP Network Automation信息泄露漏洞
CVE-2011-1719CA Output Management Web Viewer ActiveX控件栈缓冲区错误漏洞
CVE-2011-1718CA SiteMinder Web Agents用户假冒漏洞
CVE-2011-1599Digium Asterisk管理界面manager.c任意命令执行漏洞
CVE-2011-1587MediaWiki 跨站脚本漏洞
CVE-2011-1586KDE SC 路径遍历漏洞
CVE-2011-1580MediaWiki transwiki输入功能安全绕过漏洞
CVE-2011-1579MediaWiki维基文本解析器跨站脚本攻击漏洞
CVE-2011-1578MediaWiki跨站脚本攻击漏洞
CVE-2010-4801BaconMap admin/updatelist.php 'filepath'目录遍历漏洞
CVE-2010-4800BaconMap doadd.php 'type' SQL注入漏洞
CVE-2010-4799Chipmunk Pwngame多个SQL注入漏洞
CVE-2010-2787MediaWiki api.php信息泄露漏洞
CVE-2010-4797Truworth Flex Timesheet登录表单多个SQL注入漏洞
CVE-2010-4796PHPYun多个SQL注入漏洞
CVE-2010-4795Joomlaseller JS Calendar组件SQL注入漏洞
CVE-2010-4794JoomlaSeller JS Calendar组件多个跨站脚本攻击漏洞
CVE-2010-4793Site2Nite Auto e-Manager detail.asp 'ID' SQL注入漏洞
CVE-2010-4792OPEN IT OverLook title.php 'frame'跨站脚本攻击漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2011-1507

No comments yet

Leave a comment