Test ID:	1.3.6.1.4.1.25623.1.0.57913
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200610-15 (asterisk)
Summary:	The remote host is missing updates announced in;advisory GLSA 200610-15.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200610-15. Vulnerability Insight: Asterisk is vulnerable to the remote execution of arbitrary code or a Denial of Service. Solution: All Asterisk users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.2.13' CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4345 BugTraq ID: 19683 http://www.securityfocus.com/bid/19683 Bugtraq: 20060825 Multiple Vulnerabilities in Asterisk 1.2.10 (Fixed in 1.2.11) (Google Search) http://www.securityfocus.com/archive/1/444322/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200610-15.xml http://labs.musecurity.com/advisories/MU-200608-01.txt http://securitytracker.com/id?1016742 http://secunia.com/advisories/21600 http://secunia.com/advisories/22651 http://www.vupen.com/english/advisories/2006/3372 XForce ISS Database: asterisk-mgcp-bo(28542) https://exchange.xforce.ibmcloud.com/vulnerabilities/28542 Common Vulnerability Exposure (CVE) ID: CVE-2006-4346 XForce ISS Database: asterisk-record-code-execution(28544) https://exchange.xforce.ibmcloud.com/vulnerabilities/28544 XForce ISS Database: asterisk-record-directory-traversal(28564) https://exchange.xforce.ibmcloud.com/vulnerabilities/28564 Common Vulnerability Exposure (CVE) ID: CVE-2006-5444 BugTraq ID: 20617 http://www.securityfocus.com/bid/20617 Bugtraq: 20061018 Security-Assessment.com Advisory: Asterisk remote heap overflow (Google Search) http://www.securityfocus.com/archive/1/449127/100/0/threaded CERT/CC vulnerability note: VU#521252 http://www.kb.cert.org/vuls/id/521252 Debian Security Information: DSA-1229 (Google Search) http://www.us.debian.org/security/2006/dsa-1229 http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050171.html http://www.securityfocus.com/archive/1/449183/100/0/threaded http://www.osvdb.org/29972 http://securitytracker.com/id?1017089 http://secunia.com/advisories/22480 http://secunia.com/advisories/22979 http://secunia.com/advisories/23212 SuSE Security Announcement: SUSE-SA:2006:069 (Google Search) http://www.novell.com/linux/security/advisories/2006_69_asterisk.html http://www.vupen.com/english/advisories/2006/4097 XForce ISS Database: asterisk-getinput-code-execution(29663) https://exchange.xforce.ibmcloud.com/vulnerabilities/29663 Common Vulnerability Exposure (CVE) ID: CVE-2006-5445 BugTraq ID: 20835 http://www.securityfocus.com/bid/20835 http://www.osvdb.org/29973 http://www.vupen.com/english/advisories/2006/4098 XForce ISS Database: asterisk-channeldriver-dos(29664) https://exchange.xforce.ibmcloud.com/vulnerabilities/29664
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.