Oval Definition:	oval:org.mitre.oval:def:15029
Revision Date: 2014-06-23 Version: 22 Title: DSA-2367-1 asterisk -- several Description: Several vulnerabilities have been discovered in Asterisk, an Open Source PBX and telephony toolkit: CVE-2011-4597 Ben Williams discovered that it was possible to enumerate SIP user names in some configurations. Please see README.Debian for more information on how to update your installation. CVE-2011-4598 Kristijan Vrban discovered that Asterisk can be crashed with malformed SIP packets if the "automon" feature is enabled. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2011-4597 CVE-2011-4598 DSA-2367-1 Platform(s): Debian GNU/kFreeBSD 6.0 Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Product(s): asterisk Definition Synopsis Release section Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND asterisk DPKG is earlier than 1.4.21.2~dfsg-3+lenny6 OR Release section Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed OR Debian GNU/kFreeBSD is installed AND Installed architecture is all AND asterisk DPKG is earlier than 1.6.2.9-2+squeeze4
BACK