Oval Definition:
oval:org.mitre.oval:def:18041
Revision Date
:
2014-06-23
Version
:
6
Title
:
DSA-1417-1 asterisk - SQL injection
Description
:
Tilghman Lesher discovered that the logging engine of Asterisk, a free software PBX and telephony toolkit, performs insufficient sanitising of call-related data, which may lead to SQL injection.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2007-6170
DSA-1417-1
Platform(s)
:
Debian GNU/Linux 4.0
Product(s)
:
asterisk
Definition Synopsis
Debian GNU/Linux 4.0 is installed.
AND
asterisk DPKG is earlier than 1:1.2.13~dfsg-2etch2
BACK