Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error messages depending on whether a SIP username is valid, which allows remote attackers to enumerate valid usernames via multiple crafted REGISTER messages with inconsistent usernames in the URI in the To header and the Digest in the Authorization header.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Digium Asterisk SIP注册响应用户枚举漏洞
Vulnerability Description
Asterisk是开放源码的软件PBX,支持各种VoIP协议和设备。 Asterisk Open Source 1.2.35之前的1.2.x版本,1.4.26.3之前的1.4.x版本,1.6.0.17之前的1.6.0.x版本,以及1.6.1.9之前的1.6.1.x版本;Business Edition A.x.x,B.2.5.12之前的B.x.x版本,C.2.4.5之前的C.2.x.x版本,C.3.2.2之前的C.3.x.x版本;AsteriskNOW 1.5,1.3.0.5之前的s800i 1.3.x版
CVSS Information
N/A
Vulnerability Type
N/A