Test ID:	1.3.6.1.4.1.25623.1.0.70784
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 201110-21 (Asterisk)
Summary:	The remote host is missing updates announced in;advisory GLSA 201110-21.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 201110-21. Vulnerability Insight: Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. Solution: All asterisk 1.6.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.6.2.18.2' All asterisk 1.8.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.8.7.1' CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1147 BugTraq ID: 46474 http://www.securityfocus.com/bid/46474 Debian Security Information: DSA-2225 (Google Search) http://www.debian.org/security/2011/dsa-2225 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html http://www.openwall.com/lists/oss-security/2011/03/11/2 http://www.openwall.com/lists/oss-security/2011/03/11/8 http://www.securitytracker.com/id?1025101 http://secunia.com/advisories/43429 http://secunia.com/advisories/43702 http://www.vupen.com/english/advisories/2011/0635 Common Vulnerability Exposure (CVE) ID: CVE-2011-1174 1025223 http://securitytracker.com/id?1025223 46897 http://www.securityfocus.com/bid/46897 ADV-2011-0686 http://www.vupen.com/english/advisories/2011/0686 ADV-2011-0790 http://www.vupen.com/english/advisories/2011/0790 DSA-2225 FEDORA-2011-3942 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/057163.html FEDORA-2011-3945 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/057156.html FEDORA-2011-3958 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056945.html [oss-security] 20110317 CVE request for Asterisk flaws http://openwall.com/lists/oss-security/2011/03/17/5 [oss-security] 20110321 Re: CVE request for Asterisk flaws http://openwall.com/lists/oss-security/2011/03/21/12 asterisk-writes-dos(66139) https://exchange.xforce.ibmcloud.com/vulnerabilities/66139 http://downloads.asterisk.org/pub/security/AST-2011-003.html https://bugzilla.redhat.com/show_bug.cgi?id=688675 Common Vulnerability Exposure (CVE) ID: CVE-2011-1175 1025224 http://securitytracker.com/id?1025224 46898 http://www.securityfocus.com/bid/46898 asterisk-handletcptlsconnection-dos(66140) https://exchange.xforce.ibmcloud.com/vulnerabilities/66140 http://downloads.asterisk.org/pub/security/AST-2011-004.html https://bugzilla.redhat.com/show_bug.cgi?id=688678 Common Vulnerability Exposure (CVE) ID: CVE-2011-1507 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058922.html http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059702.html http://securitytracker.com/id?1025432 http://secunia.com/advisories/44197 http://secunia.com/advisories/44529 http://www.vupen.com/english/advisories/2011/1086 http://www.vupen.com/english/advisories/2011/1107 http://www.vupen.com/english/advisories/2011/1188 Common Vulnerability Exposure (CVE) ID: CVE-2011-1599 1025433 http://securitytracker.com/id?1025433 44197 44529 47537 http://www.securityfocus.com/bid/47537 ADV-2011-1086 ADV-2011-1107 ADV-2011-1188 FEDORA-2011-5835 FEDORA-2011-6208 [oss-security] 20110422 Re: CVE Request -- Asterisk Security Vulnerability http://openwall.com/lists/oss-security/2011/04/22/6 http://downloads.digium.com/pub/security/AST-2011-006.html Common Vulnerability Exposure (CVE) ID: CVE-2011-2529 BugTraq ID: 48431 http://www.securityfocus.com/bid/48431 Debian Security Information: DSA-2276 (Google Search) http://www.debian.org/security/2011/dsa-2276 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062628.html http://www.osvdb.org/73307 http://securitytracker.com/id?1025706 http://secunia.com/advisories/45048 http://secunia.com/advisories/45201 http://secunia.com/advisories/45239 XForce ISS Database: asterisk-sipsockread-dos(68203) https://exchange.xforce.ibmcloud.com/vulnerabilities/68203 Common Vulnerability Exposure (CVE) ID: CVE-2011-2535 http://www.osvdb.org/73309 http://securitytracker.com/id?1025708 http://secunia.com/advisories/44973 XForce ISS Database: asterisk-iax2channeldriver-dos(68205) https://exchange.xforce.ibmcloud.com/vulnerabilities/68205 Common Vulnerability Exposure (CVE) ID: CVE-2011-2536 http://www.securitytracker.com/id?1025734 Common Vulnerability Exposure (CVE) ID: CVE-2011-2665 Common Vulnerability Exposure (CVE) ID: CVE-2011-2666 XForce ISS Database: asterisk-sip-channel-info-disclosure(68472) https://exchange.xforce.ibmcloud.com/vulnerabilities/68472 Common Vulnerability Exposure (CVE) ID: CVE-2011-4063 BugTraq ID: 50177 http://www.securityfocus.com/bid/50177 Bugtraq: 20111017 AST-2011-012: Remote crash vulnerability in SIP channel driver (Google Search) http://www.securityfocus.com/archive/1/520141/100/0/threaded http://www.securitytracker.com/id?1026191 http://secunia.com/advisories/46420 http://securityreason.com/securityalert/8478 XForce ISS Database: asterisk-sip-channel-driver-dos(70706) https://exchange.xforce.ibmcloud.com/vulnerabilities/70706
Copyright	Copyright (C) 2012 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.