Asterisk Predictable HTTP Manager Session ID Security Bypass Vulnerability

Bugtraq ID: 28316
Class: Design Error
CVE: CVE-2008-1390
Remote: Yes
Local: No
Published: Mar 19 2008 12:00AM
Updated: Apr 13 2015 09:33PM
Credit: Dino A. Dai Zovi
Vulnerable: Redhat Fedora 7
Asterisk s800i Appliance 1.1 .0
Asterisk s800i Appliance 1.0.3
Asterisk s800i Appliance 1.0.2
Asterisk s800i Appliance 1.0.1
Asterisk s800i Appliance 1.0
Asterisk AsteriskNow Beta 7
Asterisk AsteriskNow Beta 6
Asterisk AsteriskNow Beta 5
Asterisk AsteriskNow 1.0
Asterisk Asterisk Business Edition C.1.0-beta8
Asterisk Asterisk Business Edition C.1.0-beta7
Asterisk Asterisk Appliance Developer Kit 0.8
Asterisk Asterisk Appliance Developer Kit 0.7
Asterisk Asterisk Appliance Developer Kit 0.6
Asterisk Asterisk Appliance Developer Kit 0.5
Asterisk Asterisk Appliance Developer Kit 0.4
Asterisk Asterisk Appliance Developer Kit 0.3
Asterisk Asterisk Appliance Developer Kit 0.2
Asterisk Asterisk Appliance Developer Kit 1.4
Asterisk Asterisk 1.4.17
Asterisk Asterisk 1.4.16
Asterisk Asterisk 1.4.15
Asterisk Asterisk 1.4.14
Asterisk Asterisk 1.4.13
Asterisk Asterisk 1.4.12
Asterisk Asterisk 1.4.11
Asterisk Asterisk 1.4.10
Asterisk Asterisk 1.4.9
Asterisk Asterisk 1.4.8
Asterisk Asterisk 1.4.7
Asterisk Asterisk 1.4.6
Asterisk Asterisk 1.4.5
Asterisk Asterisk 1.4.4
Asterisk Asterisk 1.4.3
Asterisk Asterisk 1.4.2
Asterisk Asterisk 1.4.1
Asterisk Asterisk 1.6
Asterisk Asterisk 1.4.18.1
Asterisk Asterisk 1.4 revision 95946
Asterisk Asterisk 1.4 Beta
Not Vulnerable: Asterisk s800i Appliance 1.1 .2
Asterisk AsteriskNow 1.0.2
Asterisk Asterisk Business Edition C.1.6
Asterisk Asterisk Appliance Developer Kit 1.4.revision 104704
Asterisk Asterisk 1.6 beta6
Asterisk Asterisk 1.4.19 -rc3


 

Privacy Statement
Copyright 2010, SecurityFocus