Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

Gentoo: GLSA-200610-15 High: Asterisk Remote Code Execution & DoS

gentoo
Calendar Grey October 30, 2006
Dist Gentoo Esm H88
Critical security alert for Asterisk on Gentoo: several weaknesses enabling remote code execution or service disruption.
Asterisk is vulnerable to the remote execution of arbitrary code or a Denial of Service.

Summary

Gentoo Linux Security Advisory GLSA 200610-15 https://security.gentoo.org/ Severity: High Title: Asterisk: Multiple vulnerabilities Date: October 30, 2006 Bugs: #144941, #151881 ID: 200610-15

Synopsis ======= Asterisk is vulnerable to the remote execution of arbitrary code or a Denial of Service.
Background ========= Asterisk is an open source implementation of a telephone private branch exchange (PBX).
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/asterisk < 1.2.13 >= 1.2.13
========== Asterisk contains buffer overflows in channels/chan_mgcp.c from the MGCP driver and in channels/chan_skinny.c from the Skinny channel driver for Cisco SCCP phone...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround