Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200606-15 (asterisk)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56961

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200606-15 (asterisk)

Resumen: The remote host is missing updates announced in;advisory GLSA 200606-15.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200606-15.

Vulnerability Insight:
Asterisk contains a bug in the IAX2 channel driver making it vulnerable to
the remote execution of arbitrary code.

Solution:
All Asterisk users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.0.11_p1'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-2898
BugTraq ID: 18295
http://www.securityfocus.com/bid/18295
Bugtraq: 20060606 Asterisk 1.2.9 and Asterisk 1.0.11 Released - Security Fix (Google Search)
http://www.securityfocus.com/archive/1/436127/100/0/threaded
Bugtraq: 20060609 CORE-2006-0330: Asterisk PBX truncated video frame vulnerability (Google Search)
http://www.securityfocus.com/archive/1/436671/100/0/threaded
Debian Security Information: DSA-1126 (Google Search)
http://www.debian.org/security/2006/dsa-1126
http://www.gentoo.org/security/en/glsa/glsa-200606-15.xml
http://securitytracker.com/id?1016236
http://secunia.com/advisories/20497
http://secunia.com/advisories/20658
http://secunia.com/advisories/20899
http://secunia.com/advisories/21222
SuSE Security Announcement: SUSE-SR:2006:015 (Google Search)
http://www.novell.com/linux/security/advisories/2006_38_security.html
http://www.vupen.com/english/advisories/2006/2181
XForce ISS Database: asterisk-iax2-videoframe-bo(27045)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27045

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56961
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200606-15 (asterisk)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200606-15.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200606-15. Vulnerability Insight: Asterisk contains a bug in the IAX2 channel driver making it vulnerable to the remote execution of arbitrary code. Solution: All Asterisk users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.0.11_p1' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-2898 BugTraq ID: 18295 http://www.securityfocus.com/bid/18295 Bugtraq: 20060606 Asterisk 1.2.9 and Asterisk 1.0.11 Released - Security Fix (Google Search) http://www.securityfocus.com/archive/1/436127/100/0/threaded Bugtraq: 20060609 CORE-2006-0330: Asterisk PBX truncated video frame vulnerability (Google Search) http://www.securityfocus.com/archive/1/436671/100/0/threaded Debian Security Information: DSA-1126 (Google Search) http://www.debian.org/security/2006/dsa-1126 http://www.gentoo.org/security/en/glsa/glsa-200606-15.xml http://securitytracker.com/id?1016236 http://secunia.com/advisories/20497 http://secunia.com/advisories/20658 http://secunia.com/advisories/20899 http://secunia.com/advisories/21222 SuSE Security Announcement: SUSE-SR:2006:015 (Google Search) http://www.novell.com/linux/security/advisories/2006_38_security.html http://www.vupen.com/english/advisories/2006/2181 XForce ISS Database: asterisk-iax2-videoframe-bo(27045) https://exchange.xforce.ibmcloud.com/vulnerabilities/27045
Copyright	Copyright (C) 2008 E-Soft Inc.