Joined: 12 May 2004
|Posted: Sun Nov 23, 2014 9:26 pm Post subject: [ GLSA 201411-10 ] Asterisk: Multiple Vulnerabilities
|Gentoo Linux Security Advisory
Title: Asterisk: Multiple Vulnerabilities (GLSA 201411-10)
Date: November 23, 2014
Bug(s): #523216, #526208
Multiple vulnerabilities have been found in Asterisk, the worst of
which could lead to Denial of Service.
Asterisk is an open source telephony engine and toolkit.
Vulnerable: < 11.13.1
Unaffected: >= 11.13.1
Architectures: All supported architectures
Multiple unspecified vulnerabilities have been discovered in Asterisk.
Please review the CVE identifiers referenced below for details.
A remote attacker could exploit the vulnerabilities to cause a man in
the middle attack or cause a Denial of Service condition.
There is no known workaround at this time.
All Asterisk users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/asterisk-11.13.1"