CVE-2008-5558
Asterisk Business Edition - Authentication Bypass
Title source: ruleDescription
Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unknown user or (2) a user using hostname matching.
References (10)
Scores
EPSS
0.0209
EPSS Percentile
83.8%
Classification
CWE
CWE-287
Status
draft
Affected Products (17)
asterisk/asterisk_business_edition
asterisk/asterisk_business_edition
asterisk/asterisk_business_edition
asterisk/asterisk_business_edition
asterisk/asterisk_business_edition
asterisk/open_source
asterisk/open_source
asterisk/open_source
asterisk/open_source
asterisk/open_source
asterisk/open_source
asterisk/open_source
asterisk/open_source
asterisk/open_source
asterisk/open_source
... and 2 more
Timeline
Published
Dec 17, 2008
Tracked Since
Feb 18, 2026