FreeBSD Local Security Checks : FreeBSD Ports: asterisk18

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.70618

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: asterisk18

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

asterisk18
asterisk

CVE-2011-4063
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x
before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize
variables during request parsing, which allows remote authenticated
users to cause a denial of service (daemon crash) via a malformed
request.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-4063
BugTraq ID: 50177
http://www.securityfocus.com/bid/50177
Bugtraq: 20111017 AST-2011-012: Remote crash vulnerability in SIP channel driver (Google Search)
http://www.securityfocus.com/archive/1/520141/100/0/threaded
http://www.securitytracker.com/id?1026191
http://secunia.com/advisories/46420
http://securityreason.com/securityalert/8478
XForce ISS Database: asterisk-sip-channel-driver-dos(70706)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70706

Copyright Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.70618
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: asterisk18
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: asterisk18 asterisk CVE-2011-4063 chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4063 BugTraq ID: 50177 http://www.securityfocus.com/bid/50177 Bugtraq: 20111017 AST-2011-012: Remote crash vulnerability in SIP channel driver (Google Search) http://www.securityfocus.com/archive/1/520141/100/0/threaded http://www.securitytracker.com/id?1026191 http://secunia.com/advisories/46420 http://securityreason.com/securityalert/8478 XForce ISS Database: asterisk-sip-channel-driver-dos(70706) https://exchange.xforce.ibmcloud.com/vulnerabilities/70706
Copyright	Copyright (C) 2012 E-Soft Inc.