Unrated severityNVD Advisory· Published Apr 1, 2010· Updated Jun 16, 2026
CVE-2010-1224
CVE-2010-1224
Description
main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow remote attackers to bypass ACL rules and access services from unauthorized hosts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
64cpe:2.3:a:digium:asterisk:1.6.0:*:*:*:*:*:*:*+ 62 more
- cpe:2.3:a:digium:asterisk:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.16:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.16:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.18:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.18:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.18:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.20:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.21:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.22:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.23:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.24:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.10:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.10:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.10:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.12:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.13:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.15:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.7:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.7:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.0:rc6:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.0:rc7:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.0:rc8:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.3:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:1.6.2.4:*:*:*:*:*:*:*
- Range: <1.6.0.25, <1.6.1.17, <1.6.2.5
Patches
Vulnerability mechanics
References
12- downloads.asterisk.org/pub/security/AST-2010-003-1.6.2.diffnvdPatch
- secunia.com/advisories/38752nvdVendor Advisory
- www.vupen.com/english/advisories/2010/0475nvdVendor Advisory
- downloads.asterisk.org/pub/security/AST-2010-003-1.6.0.diffnvd
- downloads.asterisk.org/pub/security/AST-2010-003-1.6.1.diffnvd
- downloads.asterisk.org/pub/security/AST-2010-003.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-March/037679.htmlnvd
- osvdb.org/62588nvd
- secunia.com/advisories/39096nvd
- www.securityfocus.com/archive/1/509757/100/0/threadednvd
- www.securityfocus.com/bid/38424nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/56552nvd
News mentions
0No linked articles in our index yet.