GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Sun Nov 23, 2014 9:26 pm Post subject: [ GLSA 201411-10 ] Asterisk: Multiple Vulnerabilities |
 |
|
Gentoo Linux Security Advisory
Title: Asterisk: Multiple Vulnerabilities (GLSA 201411-10)
Severity: normal
Exploitable: remote
Date: November 23, 2014
Bug(s): #523216, #526208
ID: 201411-10
Synopsis
Multiple vulnerabilities have been found in Asterisk, the worst of
which could lead to Denial of Service.
Background
Asterisk is an open source telephony engine and toolkit.
Affected Packages
Package: net-misc/asterisk
Vulnerable: < 11.13.1
Unaffected: >= 11.13.1
Architectures: All supported architectures
Description
Multiple unspecified vulnerabilities have been discovered in Asterisk.
Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could exploit the vulnerabilities to cause a man in
the middle attack or cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Asterisk users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/asterisk-11.13.1"
|
References
CVE-2014-3566
CVE-2014-6610 |
|
News & Announcements
