Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2016-0086)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.131250

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2016-0086)

Resumen: The remote host is missing an update for the 'asterisk' package(s) announced via the MGASA-2016-0086 advisory.

Descripción: Summary:
The remote host is missing an update for the 'asterisk' package(s) announced via the MGASA-2016-0086 advisory.

Vulnerability Insight:
Updated asterisk packages fix security vulnerability:

chan_sip in Asterisk Open Source 11.x before 11.21.1, when the timert1 sip.conf
configuration is set to a value greater than 1245, allows remote attackers to
cause a denial of service (file descriptor consumption) via vectors related to
large retransmit timeout values (CVE-2016-2316).

Affected Software/OS:
'asterisk' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-2316
BugTraq ID: 82651
http://www.securityfocus.com/bid/82651
Debian Security Information: DSA-3700 (Google Search)
http://www.debian.org/security/2016/dsa-3700
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177422.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177409.html
http://www.securitytracker.com/id/1034930

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.131250
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2016-0086)
Resumen:	The remote host is missing an update for the 'asterisk' package(s) announced via the MGASA-2016-0086 advisory.
Descripción:	Summary: The remote host is missing an update for the 'asterisk' package(s) announced via the MGASA-2016-0086 advisory. Vulnerability Insight: Updated asterisk packages fix security vulnerability: chan_sip in Asterisk Open Source 11.x before 11.21.1, when the timert1 sip.conf configuration is set to a value greater than 1245, allows remote attackers to cause a denial of service (file descriptor consumption) via vectors related to large retransmit timeout values (CVE-2016-2316). Affected Software/OS: 'asterisk' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-2316 BugTraq ID: 82651 http://www.securityfocus.com/bid/82651 Debian Security Information: DSA-3700 (Google Search) http://www.debian.org/security/2016/dsa-3700 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177422.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177409.html http://www.securitytracker.com/id/1034930
Copyright	Copyright (C) 2016 Greenbone AG