SecuritySpace - CVE-2012-4737

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2012-4737

Description: channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert7, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 does not enforce ACL rules during certain uses of peer credentials, which allows remote authenticated users to bypass intended outbound-call restrictions by leveraging the availability of these credentials.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2012-4737
BugTraq ID: 55335
http://www.securityfocus.com/bid/55335
Debian Security Information: DSA-2550 (Google Search)
http://www.debian.org/security/2012/dsa-2550
http://www.securitytracker.com/id?1027461
http://secunia.com/advisories/50687
http://secunia.com/advisories/50756

CVE ID:	CVE-2012-4737
Description:	channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert7, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 does not enforce ACL rules during certain uses of peer credentials, which allows remote authenticated users to bypass intended outbound-call restrictions by leveraging the availability of these credentials.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2012-4737 BugTraq ID: 55335 http://www.securityfocus.com/bid/55335 Debian Security Information: DSA-2550 (Google Search) http://www.debian.org/security/2012/dsa-2550 http://www.securitytracker.com/id?1027461 http://secunia.com/advisories/50687 http://secunia.com/advisories/50756