|Category:||FreeBSD Local Security Checks|
|Title:||FreeBSD Ports: asterisk|
|Summary:||FreeBSD Ports: asterisk|
The remote host is missing an update to the system
as announced in the referenced advisory.
The following package is affected: asterisk
Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and
earlier allows remote attackers to execute arbitrary code via a length
value that passes a length check as a negative number, but triggers a
buffer overflow when it is used as an unsigned length.
Update your system with the appropriate patches or
BugTraq ID: 17561|
Common Vulnerability Exposure (CVE) ID: CVE-2006-1827
Debian Security Information: DSA-1048 (Google Search)
SuSE Security Announcement: SUSE-SR:2006:009 (Google Search)
|Copyright||Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com|
|This is only one of 56160 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.