• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Asterisk SIP Response Username Enumeration Remote Information Disclosure Vulnerability

Bugtraq ID:	36924
Class:	Design Error
CVE:	CVE-2009-3727
Remote:	Yes
Local:	No
Published:	Nov 04 2009 12:00AM
Updated:	Nov 05 2009 10:46PM
Credit:	Patrik Karlsson
Vulnerable:	Gentoo Linux Asterisk s800i Appliance 1.3 3 Asterisk s800i Appliance 1.3 .2 Asterisk s800i Appliance 1.3 Asterisk s800i Appliance 1.2 1 Asterisk s800i Appliance 1.1 2 Asterisk s800i Appliance 1.1 0 Asterisk s800i Appliance 1.1 .3 Asterisk s800i Appliance 1.0.3 Asterisk s800i Appliance 1.0.2 Asterisk s800i Appliance 1.0.1 Asterisk s800i Appliance 1.0 Asterisk AsteriskNow 1.0.3 Asterisk AsteriskNow 1.0.2 Asterisk AsteriskNow pre-release Asterisk AsteriskNow pre-release Asterisk AsteriskNow Beta 7 Asterisk AsteriskNow Beta 6 Asterisk AsteriskNow Beta 5 Asterisk AsteriskNow 1.0 Asterisk Asterisk Business Edition C.3.1.0 Asterisk Asterisk Business Edition C.3.1 1 Asterisk Asterisk Business Edition C.2.4.3 Asterisk Asterisk Business Edition C.2.4.2 Asterisk Asterisk Business Edition C.2.3.3 Asterisk Asterisk Business Edition C.2.3 .2 Asterisk Asterisk Business Edition C.2.3 Asterisk Asterisk Business Edition C.2.1.2.1 Asterisk Asterisk Business Edition C.1.8.1 Asterisk Asterisk Business Edition C.1.6.2 Asterisk Asterisk Business Edition C.1.6.1 Asterisk Asterisk Business Edition C.1.6 Asterisk Asterisk Business Edition C.1.10.5 Asterisk Asterisk Business Edition C.1.10.4 Asterisk Asterisk Business Edition C.1.10.3 Asterisk Asterisk Business Edition C.1.0-beta8 Asterisk Asterisk Business Edition C.1.0-beta7 Asterisk Asterisk Business Edition C Asterisk Asterisk Business Edition B.2.5.9 Asterisk Asterisk Business Edition B.2.5.8 Asterisk Asterisk Business Edition B.2.5.7 Asterisk Asterisk Business Edition B.2.5.6 Asterisk Asterisk Business Edition B.2.5.5 Asterisk Asterisk Business Edition B.2.5.4 Asterisk Asterisk Business Edition B.2.5.3 Asterisk Asterisk Business Edition B.2.5.2 Asterisk Asterisk Business Edition B.2.5.10 Asterisk Asterisk Business Edition B.2.5.1 Asterisk Asterisk Business Edition B.2.3.6 Asterisk Asterisk Business Edition B.2.3.5 Asterisk Asterisk Business Edition B.2.3.4 Asterisk Asterisk Business Edition B.2.3.3 Asterisk Asterisk Business Edition B.2.3.2 Asterisk Asterisk Business Edition B.2.3.1 Asterisk Asterisk Business Edition B.2.2.1 Asterisk Asterisk Business Edition B.2.2.1 Asterisk Asterisk Business Edition B.2.2.0 Asterisk Asterisk Business Edition B.2.2.0 Asterisk Asterisk Business Edition B.1.3.3 Asterisk Asterisk Business Edition B.1.3.2 Asterisk Asterisk Business Edition B Asterisk Asterisk Business Edition A Asterisk Asterisk 1.6.1 6 Asterisk Asterisk 1.6.1 5 Asterisk Asterisk 1.6.1 0-rc2 Asterisk Asterisk 1.6.1 0-rc1 Asterisk Asterisk 1.6.1 Asterisk Asterisk 1.6 beta6 Asterisk Asterisk 1.6 6 Asterisk Asterisk 1.6 3 Asterisk Asterisk 1.6 15 Asterisk Asterisk 1.6 14 Asterisk Asterisk 1.6 .8 Asterisk Asterisk 1.4.26 2 Asterisk Asterisk 1.4.26 1 Asterisk Asterisk 1.4.26 Asterisk Asterisk 1.4.24 .1 Asterisk Asterisk 1.4.24 Asterisk Asterisk 1.4.23 .2 Asterisk Asterisk 1.4.23 .1 Asterisk Asterisk 1.4.23 Asterisk Asterisk 1.4.22 1 Asterisk Asterisk 1.4.22 Asterisk Asterisk 1.4.21 2 Asterisk Asterisk 1.4.21 2 Asterisk Asterisk 1.4.19 rc3 Asterisk Asterisk 1.4.19 .1 Asterisk Asterisk 1.4.19 Asterisk Asterisk 1.4.18 1 Asterisk Asterisk 1.4.18 Asterisk Asterisk 1.4.17 Asterisk Asterisk 1.4.16 Asterisk Asterisk 1.4.15 Asterisk Asterisk 1.4.14 Asterisk Asterisk 1.4.13 Asterisk Asterisk 1.4.12 Asterisk Asterisk 1.4.11 Asterisk Asterisk 1.4.10 Asterisk Asterisk 1.4.9 Asterisk Asterisk 1.4.8 Asterisk Asterisk 1.4.7 Asterisk Asterisk 1.4.6 Asterisk Asterisk 1.4.5 Asterisk Asterisk 1.4.4 Asterisk Asterisk 1.4.3 Asterisk Asterisk 1.4.2 Asterisk Asterisk 1.4.1 Asterisk Asterisk 1.2.34 Asterisk Asterisk 1.2.34 Asterisk Asterisk 1.2.33 Asterisk Asterisk 1.2.32 Asterisk Asterisk 1.2.31 Asterisk Asterisk 1.2.30 4 Asterisk Asterisk 1.2.30 3 Asterisk Asterisk 1.2.30 Asterisk Asterisk 1.2.29 Asterisk Asterisk 1.2.28 Asterisk Asterisk 1.2.27 Asterisk Asterisk 1.2.27 Asterisk Asterisk 1.2.26 Asterisk Asterisk 1.2.25 Asterisk Asterisk 1.2.24 Asterisk Asterisk 1.2.23 Asterisk Asterisk 1.2.22 Asterisk Asterisk 1.2.21 Asterisk Asterisk 1.2.19 Asterisk Asterisk 1.2.18 Asterisk Asterisk 1.2.17 Asterisk Asterisk 1.2.16 Asterisk Asterisk 1.2.15 Asterisk Asterisk 1.2.14 Asterisk Asterisk 1.2.13 Asterisk Asterisk 1.2.11 Asterisk Asterisk 1.2.11 Asterisk Asterisk 1.2.10 Asterisk Asterisk 1.2.9 Asterisk Asterisk 1.2.8 Asterisk Asterisk 1.2.7 Asterisk Asterisk 1.2.6 Asterisk Asterisk 1.2.5 Asterisk Asterisk 1.2 .0-beta2 Asterisk Asterisk 1.2 .0-beta1 Asterisk Asterisk 1.0.12 Asterisk Asterisk 1.0.11 Asterisk Asterisk 1.0.10 Asterisk Asterisk 1.0.9 Asterisk Asterisk 1.0.8 Asterisk Asterisk 1.0.7 Asterisk Asterisk 1.0.6 Asterisk Asterisk 1.0 Asterisk Asterisk 0.9 .0 Asterisk Asterisk 0.7.2 Asterisk Asterisk 0.7.1 Asterisk Asterisk 0.7 .0 Asterisk Asterisk 0.4.1 Asterisk Asterisk 0.4 Asterisk Asterisk 0.3 Asterisk Asterisk 0.2 Asterisk Asterisk 0.1.11 Asterisk Asterisk 0.1.9 -1 Asterisk Asterisk 0.1.9 Asterisk Asterisk 0.1.8 Asterisk Asterisk 0.1.7 Asterisk Asterisk 1.6.1.8 Asterisk Asterisk 1.6.1.7 Asterisk Asterisk 1.6 Asterisk Asterisk 1.4 revision 95946 Asterisk Asterisk 1.4 Beta Asterisk Asterisk 1.0.3.4 Asterisk Asterisk 0
Not Vulnerable:	Asterisk s800i Appliance 1.3 5 Asterisk Asterisk Business Edition C.3.2 2 Asterisk Asterisk Business Edition C.2.4 5 Asterisk Asterisk Business Edition B.2.5 12 Asterisk Asterisk 1.6.1 9 Asterisk Asterisk 1.6 .17 Asterisk Asterisk 1.4.26 .3 Asterisk Asterisk 1.2.35