Test ID:	1.3.6.1.4.1.25623.1.0.56961
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200606-15 (asterisk)
Summary:	The remote host is missing updates announced in;advisory GLSA 200606-15.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200606-15. Vulnerability Insight: Asterisk contains a bug in the IAX2 channel driver making it vulnerable to the remote execution of arbitrary code. Solution: All Asterisk users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.0.11_p1' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-2898 BugTraq ID: 18295 http://www.securityfocus.com/bid/18295 Bugtraq: 20060606 Asterisk 1.2.9 and Asterisk 1.0.11 Released - Security Fix (Google Search) http://www.securityfocus.com/archive/1/436127/100/0/threaded Bugtraq: 20060609 CORE-2006-0330: Asterisk PBX truncated video frame vulnerability (Google Search) http://www.securityfocus.com/archive/1/436671/100/0/threaded Debian Security Information: DSA-1126 (Google Search) http://www.debian.org/security/2006/dsa-1126 http://www.gentoo.org/security/en/glsa/glsa-200606-15.xml http://securitytracker.com/id?1016236 http://secunia.com/advisories/20497 http://secunia.com/advisories/20658 http://secunia.com/advisories/20899 http://secunia.com/advisories/21222 SuSE Security Announcement: SUSE-SR:2006:015 (Google Search) http://www.novell.com/linux/security/advisories/2006_38_security.html http://www.vupen.com/english/advisories/2006/2181 XForce ISS Database: asterisk-iax2-videoframe-bo(27045) https://exchange.xforce.ibmcloud.com/vulnerabilities/27045
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.