OVAL Reference oval:com.ubuntu.trusty:def:20122414000

Oval Definition:

oval:com.ubuntu.trusty:def:20122414000

Revision Date:	2012-04-30	Version:	1
Title:	CVE-2012-2414 on Ubuntu 14.04 LTS (trusty) - low.
Description:	main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to execute arbitrary commands via (1) the originate action in the MixMonitor application, (2) the SHELL and EVAL functions in the GetVar manager action, or (3) the SHELL and EVAL functions in the Status manager action.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2012-2414
Platform(s):	Ubuntu 14.04 LTS	Product(s):
Definition Synopsis
Ubuntu 14.04 LTS (trusty) is installed. AND NOT While related to the CVE in some way, the 'asterisk' package in trusty is not affected.