Vulnerability Details : CVE-2015-3008
Asterisk Open Source 1.8 before 1.8.32.3, 11.x before 11.17.1, 12.x before 12.8.2, and 13.x before 13.3.2 and Certified Asterisk 1.8.28 before 1.8.28-cert5, 11.6 before 11.6-cert11, and 13.1 before 13.1-cert2, when registering a SIP TLS device, does not properly handle a null byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
Products affected by CVE-2015-3008
- cpe:2.3:a:digium:asterisk:1.8.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.3:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.3:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.10.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.10.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.10.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.10.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.12.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.12.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.11.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.11.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.12:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.12.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.13.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.13.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.13.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.14.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.14.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.14.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.15.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.15.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.13.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.15.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.17.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.17.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.16.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.17.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.19.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.19.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.16.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.16.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.18.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.17.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.18.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.18.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.0.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.0.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.1.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.2.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.3.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.5.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.23.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.23.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.22.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.19.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.3.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.4.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.4.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.21.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.20.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.20.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.19.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.4.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.5.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.21.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.22.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.26.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.26.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.25.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.21.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.15.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.14.1:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.14.1:patch:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.14.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.8.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.8.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.8.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.24.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.24.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.23.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.23.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.20.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.20.0:patch:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.19.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.11.1:patch:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.11.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.11.0:patch:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.10.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.1.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.1.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.25.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.24.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.22.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.20.2:patch:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.20.1:patch:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.18.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.17.0:patch:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.12.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.8.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.1.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.25.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.24.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.23.0:patch:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.20.2:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.20.1:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.17.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.16.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.14.0:patch:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.11.1:-:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.28.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.27.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.27.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.27.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.28.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.26.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.2.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.3.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.3.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.2.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.9.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.10.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.9.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.5.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.4.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.11.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.6.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.1.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.9.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.7.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.7.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.4.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.7.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.14.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.13.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.13.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.12.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.7.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.14.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.8.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.7.0:*:*:*:lts:*:*:*
- cpe:2.3:a:digium:asterisk:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.1.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.8.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.28.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.32.0:*:*:*:lts:*:*:*
- cpe:2.3:a:digium:asterisk:11.10.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.15.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.8.28.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.14.0:*:*:*:lts:*:*:*
- cpe:2.3:a:digium:asterisk:11.16.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:11.17.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:12.7.0:*:*:*:standard:*:*:*
- cpe:2.3:a:digium:asterisk:13.0.0:*:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11:cert:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11:cert1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11:cert3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11:cert2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11:cert5:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11:cert6:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11:cert4:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11:cert9:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11:cert7:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11:cert8:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.15:cert1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.15:cert2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert1_rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.14.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.13.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.13.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.13.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.9.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.9.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.9.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.15:cert3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.15:cert1_rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.10.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.8.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.8.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.7.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.7.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.3.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert1_rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.15:cert4:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.15:cert1_rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.15:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.12.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.12.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.10.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.10.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.8.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.8.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.6.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.4.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.3.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.0.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.0.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.3.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.2.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.9.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.6.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.5.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.5.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.4.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.4.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.0.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.0.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.0.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.0.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.15:cert1_rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.14.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.12.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.12.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.10.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.10.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.8.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.8.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.7.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.6.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.4.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.3.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.1.0:-:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.0.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.0.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.0.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.15:cert5:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert2:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6.0:*:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert5:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert3:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert1:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert4:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert2:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert7:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert6:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert8:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert3:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.28.0:*:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.28:cert2:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.28:cert1:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.28:cert3:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.28:cert4:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert9:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.11:cert10:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:13.1:cert1:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:1.8.15:cert6:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert10:*:*:lts:*:*:*
Threat overview for CVE-2015-3008
Top countries where our scanners detected CVE-2015-3008
Top open port discovered on systems with this issue
80
IPs affected by CVE-2015-3008 1,084
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2015-3008!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2015-3008
57.34%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-3008
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2015-3008
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-3008
-
http://www.securitytracker.com/id/1032052
Asterisk TLS Certificate Validation Flaw With Null Byte in Common Name Lets Remote Users Bypass Certificate Validation - SecurityTracker
-
http://seclists.org/fulldisclosure/2015/Apr/22
Full Disclosure: AST-2015-003: TLS Certificate Common name NULL byte exploit
-
http://www.securityfocus.com/bid/74022
Multiple Asterisk Products CVE-2015-3008 TLS Certificate Validation Security Bypass Vulnerability
-
http://packetstormsecurity.com/files/131364/Asterisk-Project-Security-Advisory-AST-2015-003.html
Asterisk Project Security Advisory - AST-2015-003 ≈ Packet Storm
-
http://www.securityfocus.com/archive/1/535222/100/0/threaded
SecurityFocus
-
http://downloads.asterisk.org/pub/security/AST-2015-003.html
AST-2015-003Vendor Advisory
-
http://advisories.mageia.org/MGASA-2015-0153.html
Mageia Advisory: MGASA-2015-0153 - Updated asterisk packages fix CVE-2015-3008
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162260.html
[SECURITY] Fedora 22 Update: asterisk-13.3.2-1.fc22
-
http://www.debian.org/security/2016/dsa-3700
Debian -- Security Information -- DSA-3700-1 asterisk
Jump to