CVE-2007-5358 - OpenCVE

Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow (1) remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or (2) local users to execute arbitrary code via a long combination of astspooldir, voicemail context, and voicemail mailbox fields. NOTE: vector 2 requires write access to Asterisk configuration files.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Digium	Asterisk

Configuration 1 [-]

cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://downloads.digium.com/pub/security/AST-2007-022.html
http://osvdb.org/38201
http://osvdb.org/38202
http://secunia.com/advisories/27184
http://www.securityfocus.com/archive/1/481996/100/0/threaded
http://www.securityfocus.com/bid/26005
http://www.securitytracker.com/id?1018804
http://www.vupen.com/english/advisories/2007/3454
https://exchange.xforce.ibmcloud.com/vulnerabilities/37051
https://exchange.xforce.ibmcloud.com/vulnerabilities/37052

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-10-12T23:00:00

Updated: 2024-08-07T15:31:57.205Z

Reserved: 2007-10-10T00:00:00

Link: CVE-2007-5358

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-10-12T23:17:00.000

Modified: 2018-10-15T21:43:58.700

Link: CVE-2007-5358

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-10-10T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow (1) remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or (2) local users to execute arbitrary code via a long combination of astspooldir, voicemail context, and voicemail mailbox fields. NOTE: vector 2 requires write access to Asterisk configuration files."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://downloads.digium.com/pub/security/AST-2007-022.html"}, {"name": "38201", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/38201"}, {"name": "asterisk-contentheader-bo(37052)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37052"}, {"name": "38202", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/38202"}, {"name": "27184", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27184"}, {"name": "1018804", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018804"}, {"name": "26005", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26005"}, {"name": "asterisk-sprintf-bo(37051)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37051"}, {"name": "20071010 AST-2007-022: Buffer overflows in voicemail when using IMAP storage", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/481996/100/0/threaded"}, {"name": "ADV-2007-3454", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3454"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5358", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow (1) remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or (2) local users to execute arbitrary code via a long combination of astspooldir, voicemail context, and voicemail mailbox fields. NOTE: vector 2 requires write access to Asterisk configuration files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://downloads.digium.com/pub/security/AST-2007-022.html", "refsource": "CONFIRM", "url": "http://downloads.digium.com/pub/security/AST-2007-022.html"}, {"name": "38201", "refsource": "OSVDB", "url": "http://osvdb.org/38201"}, {"name": "asterisk-contentheader-bo(37052)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37052"}, {"name": "38202", "refsource": "OSVDB", "url": "http://osvdb.org/38202"}, {"name": "27184", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27184"}, {"name": "1018804", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018804"}, {"name": "26005", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26005"}, {"name": "asterisk-sprintf-bo(37051)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37051"}, {"name": "20071010 AST-2007-022: Buffer overflows in voicemail when using IMAP storage", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/481996/100/0/threaded"}, {"name": "ADV-2007-3454", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3454"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:31:57.205Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://downloads.digium.com/pub/security/AST-2007-022.html"}, {"name": "38201", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/38201"}, {"name": "asterisk-contentheader-bo(37052)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37052"}, {"name": "38202", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/38202"}, {"name": "27184", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27184"}, {"name": "1018804", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018804"}, {"name": "26005", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26005"}, {"name": "asterisk-sprintf-bo(37051)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37051"}, {"name": "20071010 AST-2007-022: Buffer overflows in voicemail when using IMAP storage", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/481996/100/0/threaded"}, {"name": "ADV-2007-3454", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3454"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5358", "datePublished": "2007-10-12T23:00:00", "dateReserved": "2007-10-10T00:00:00", "dateUpdated": "2024-08-07T15:31:57.205Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*", "matchCriteriaId": "600A8B6A-B929-455F-AB6C-548712F45A44", "versionEndIncluding": "1.4.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow (1) remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or (2) local users to execute arbitrary code via a long combination of astspooldir, voicemail context, and voicemail mailbox fields. NOTE: vector 2 requires write access to Asterisk configuration files."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en la funcionalidad de voicemail del Asterisk 1.4.x anterior al 1.4.13, cuando se utiliza el almacenamiento IMAP, puede permitir (1) a atacantes ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una combinaci\u00f3n larga de cabeceras dependientes del tipo (Content-type) y de la descripci\u00f3n (Content-description), o (2) usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una combinaci\u00f3n larga de los campos astspooldir, voicemail context y voicemail mailbox. NOTA: el vector 2 requiere acceso de escritura en los ficheros de configuraci\u00f3n del Asterisk."}], "id": "CVE-2007-5358", "lastModified": "2018-10-15T21:43:58.700", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-10-12T23:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://downloads.digium.com/pub/security/AST-2007-022.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/38201"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/38202"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/27184"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/481996/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26005"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018804"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/3454"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37051"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37052"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}