Vulnerability Name:

CVE-2016-9938 (CCN-119610)

Assigned:2016-11-11
Published:2016-11-11
Updated:2017-07-27
Summary:An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chan_sip channel driver has a liberal definition for whitespace when attempting to strip the content between a SIP header name and a colon character. Rather than following RFC 3261 and stripping only spaces and horizontal tabs, Asterisk treats any non-printable ASCII character as if it were whitespace. This means that headers such as Contact\x01: will be seen as a valid Contact header. This mostly does not pose a problem until Asterisk is placed in tandem with an authenticating SIP proxy. In such a case, a crafty combination of valid and invalid To headers can cause a proxy to allow an INVITE request into Asterisk without authentication since it believes the request is an in-dialog request. However, because of the bug described above, the request will look like an out-of-dialog request to Asterisk. Asterisk will then process the request as a new call. The result is that Asterisk can process calls from unvetted sources without any authentication. If you do not use a proxy for authentication, then this issue does not affect you. If your proxy is dialog-aware (meaning that the proxy keeps track of what dialogs are currently valid), then this issue does not affect you. If you use chan_pjsip instead of chan_sip, then this issue does not affect you.
CVSS v3 Severity:5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-285
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2016-9938

Source: CCN
Type: Asterisk Project Security Advisory - AST-2016-009
Authentication Bypass

Source: CONFIRM
Type: Mitigation, Vendor Advisory
http://downloads.asterisk.org/pub/security/AST-2016-009.html

Source: BID
Type: Third Party Advisory, VDB Entry
94789

Source: CCN
Type: BID-94789
Asterisk Open Source and Certified Asterisk 'chan_sip' Driver Authentication Bypass Vulnerability

Source: SECTRACK
Type: UNKNOWN
1037408

Source: XF
Type: UNKNOWN
asterisk-chansip-sec-bypass(119610)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:digium:asterisk:11.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.0.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.0.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.0.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.0.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.1.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.1.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.2.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.2.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.9.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.10.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.10.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.10.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.11.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.12.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.12.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.13.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.13.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.14.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.14.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.14.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.15.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.15.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.16.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.17.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.17.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.18.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.19.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.20.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.21.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.21.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.21.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.22.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.22.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.23.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.23.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.23.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.24.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.24.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:11.25.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.0.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.0.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.0.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.8.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.8.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.9.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.10.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.10.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.11.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.11.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.11.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.12.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.12.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.12.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:13.13.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:14.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:14.0.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:14.0.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:14.0.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:14.0.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:14.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:14.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:14.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:14.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:14.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:digium:asterisk:14.2.0:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:digium:certified_asterisk:11.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.0.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.0.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.1.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.1.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.1.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.2.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.2.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.3.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.3.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.4.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.4.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.4.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.5.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.5.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert1:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert1:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert10:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert11:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert12:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert13:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert14:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert15:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert1_rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert1_rc2:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert2:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert2:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert3:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert3:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert4:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert5:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert6:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert7:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert8:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6:cert9:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6.0:*:*:*:lts:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6.0:-:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:digium:certified_asterisk:11.6.0:rc2:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:digium:certified_asterisk:13.8:cert1:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.bionic:def:201699380000000
    V
    		CVE-2016-9938 on Ubuntu 18.04 LTS (bionic) - low.
    2016-12-12
    oval:com.ubuntu.artful:def:20169938000
    V
    		CVE-2016-9938 on Ubuntu 17.10 (artful) - low.
    2016-12-12
    oval:com.ubuntu.trusty:def:20169938000
    V
    		CVE-2016-9938 on Ubuntu 14.04 LTS (trusty) - low.
    2016-12-12
    oval:com.ubuntu.xenial:def:201699380000000
    V
    		CVE-2016-9938 on Ubuntu 16.04 LTS (xenial) - low.
    2016-12-12
    oval:com.ubuntu.bionic:def:20169938000
    V
    		CVE-2016-9938 on Ubuntu 18.04 LTS (bionic) - low.
    2016-12-12
    oval:com.ubuntu.xenial:def:20169938000
    V
    		CVE-2016-9938 on Ubuntu 16.04 LTS (xenial) - low.
    2016-12-12
    oval:com.ubuntu.disco:def:201699380000000
    V
    		CVE-2016-9938 on Ubuntu 19.04 (disco) - low.
    2016-12-12
    oval:com.ubuntu.cosmic:def:20169938000
    V
    		CVE-2016-9938 on Ubuntu 18.10 (cosmic) - low.
    2016-12-12
    oval:com.ubuntu.cosmic:def:201699380000000
    V
    		CVE-2016-9938 on Ubuntu 18.10 (cosmic) - low.
    2016-12-12
    oval:com.ubuntu.precise:def:20169938000
    V
    		CVE-2016-9938 on Ubuntu 12.04 LTS (precise) - low.
    2016-12-12
    BACK
    digium asterisk 11.0.0
    digium asterisk 11.0.0 beta1
    digium asterisk 11.0.0 beta2
    digium asterisk 11.0.0 rc1
    digium asterisk 11.0.0 rc2
    digium asterisk 11.0.1
    digium asterisk 11.0.2
    digium asterisk 11.1.0
    digium asterisk 11.1.0 rc1
    digium asterisk 11.1.0 rc3
    digium asterisk 11.1.1
    digium asterisk 11.1.2
    digium asterisk 11.2.0
    digium asterisk 11.2.0 rc1
    digium asterisk 11.2.0 rc2
    digium asterisk 11.2.1
    digium asterisk 11.2.2
    digium asterisk 11.3.0
    digium asterisk 11.4.0
    digium asterisk 11.5.0
    digium asterisk 11.5.1
    digium asterisk 11.6.0
    digium asterisk 11.6.1
    digium asterisk 11.7.0
    digium asterisk 11.8.0
    digium asterisk 11.8.1
    digium asterisk 11.9.0
    digium asterisk 11.10.0
    digium asterisk 11.10.1
    digium asterisk 11.10.2
    digium asterisk 11.11.0
    digium asterisk 11.12.0
    digium asterisk 11.12.1
    digium asterisk 11.13.0
    digium asterisk 11.13.1
    digium asterisk 11.14.0
    digium asterisk 11.14.1
    digium asterisk 11.14.2
    digium asterisk 11.15.0
    digium asterisk 11.15.1
    digium asterisk 11.16.0
    digium asterisk 11.17.0
    digium asterisk 11.17.1
    digium asterisk 11.18.0
    digium asterisk 11.19.0
    digium asterisk 11.20.0
    digium asterisk 11.21.0
    digium asterisk 11.21.1
    digium asterisk 11.21.2
    digium asterisk 11.22.0
    digium asterisk 11.22.0 rc1
    digium asterisk 11.23.0
    digium asterisk 11.23.0 rc1
    digium asterisk 11.23.1
    digium asterisk 11.24.0
    digium asterisk 11.24.1
    digium asterisk 11.25.0
    digium asterisk 13.0.0
    digium asterisk 13.0.0 beta1
    digium asterisk 13.0.0 beta2
    digium asterisk 13.0.0 beta3
    digium asterisk 13.0.1
    digium asterisk 13.0.2
    digium asterisk 13.1.0
    digium asterisk 13.1.1
    digium asterisk 13.2.0
    digium asterisk 13.2.1
    digium asterisk 13.3.0
    digium asterisk 13.3.1
    digium asterisk 13.3.2
    digium asterisk 13.4.0
    digium asterisk 13.5.0
    digium asterisk 13.6.0
    digium asterisk 13.7.0
    digium asterisk 13.7.1
    digium asterisk 13.7.2
    digium asterisk 13.8.0
    digium asterisk 13.8.0 rc1
    digium asterisk 13.8.1
    digium asterisk 13.8.2
    digium asterisk 13.9.0
    digium asterisk 13.9.1
    digium asterisk 13.10.0
    digium asterisk 13.10.0 rc1
    digium asterisk 13.11.0
    digium asterisk 13.11.1
    digium asterisk 13.11.2
    digium asterisk 13.12.0
    digium asterisk 13.12.1
    digium asterisk 13.12.2
    digium asterisk 13.13.0
    digium asterisk 14.0.0
    digium asterisk 14.0.0 beta1
    digium asterisk 14.0.0 beta2
    digium asterisk 14.0.0 rc1
    digium asterisk 14.0.0 rc2
    digium asterisk 14.0.1
    digium asterisk 14.0.2
    digium asterisk 14.1.0
    digium asterisk 14.1.1
    digium asterisk 14.1.2
    digium asterisk 14.2.0
    digium certified asterisk 11.0.0
    digium certified asterisk 11.0.0 rc1
    digium certified asterisk 11.0.0 rc2
    digium certified asterisk 11.1.0
    digium certified asterisk 11.1.0 rc1
    digium certified asterisk 11.1.0 rc2
    digium certified asterisk 11.1.0 rc3
    digium certified asterisk 11.2.0
    digium certified asterisk 11.2.0 rc1
    digium certified asterisk 11.2.0 rc2
    digium certified asterisk 11.3.0
    digium certified asterisk 11.3.0 rc1
    digium certified asterisk 11.3.0 rc2
    digium certified asterisk 11.4.0
    digium certified asterisk 11.4.0 rc1
    digium certified asterisk 11.4.0 rc2
    digium certified asterisk 11.4.0 rc3
    digium certified asterisk 11.5.0
    digium certified asterisk 11.5.0 rc1
    digium certified asterisk 11.5.0 rc2
    digium certified asterisk 11.6 cert1
    digium certified asterisk 11.6 cert1
    digium certified asterisk 11.6 cert10
    digium certified asterisk 11.6 cert11
    digium certified asterisk 11.6 cert12
    digium certified asterisk 11.6 cert13
    digium certified asterisk 11.6 cert14
    digium certified asterisk 11.6 cert15
    digium certified asterisk 11.6 cert1_rc1
    digium certified asterisk 11.6 cert1_rc2
    digium certified asterisk 11.6 cert2
    digium certified asterisk 11.6 cert2
    digium certified asterisk 11.6 cert3
    digium certified asterisk 11.6 cert3
    digium certified asterisk 11.6 cert4
    digium certified asterisk 11.6 cert5
    digium certified asterisk 11.6 cert6
    digium certified asterisk 11.6 cert7
    digium certified asterisk 11.6 cert8
    digium certified asterisk 11.6 cert9
    digium certified asterisk 11.6.0
    digium certified asterisk 11.6.0 -
    digium certified asterisk 11.6.0 rc1
    digium certified asterisk 11.6.0 rc2
    digium certified asterisk 13.8 cert1