Oval Definition:	oval:com.ubuntu.cosmic:def:201714603000
Revision Date: 2017-10-09 Version: 1 Title: CVE-2017-14603 on Ubuntu 18.10 (cosmic) - medium. Description: In Asterisk 11.x before 11.25.3, 13.x before 13.17.2, and 14.x before 14.6.2 and Certified Asterisk 11.x before 11.6-cert18 and 13.x before 13.13-cert6, insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the "nat" and "symmetric_rtp" options allow redirecting where Asterisk sends the next RTCP report. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-14603 Platform(s): Ubuntu 18.10 Product(s): Definition Synopsis Ubuntu 18.10 (cosmic) is installed. AND NOT While related to the CVE in some way, the 'asterisk' package in cosmic is not affected (note: '1:13.18.3~dfsg-1ubuntu4').
BACK