Joined: 12 May 2004
|Posted: Sun Dec 28, 2014 7:26 pm Post subject: [ GLSA 201412-51 ] Asterisk
|Gentoo Linux Security Advisory
Title: Asterisk: Multiple vulnerabilities (GLSA 201412-51)
Date: December 28, 2014
Bug(s): #530056, #532242
Multiple vulnerabilities have been found in Asterisk, the worst of
which could lead to Denial of Service, bypass intended ACL restrictions or
allow an authenticated user to gain escalated privileges.
Asterisk is an open source telephony engine and toolkit.
Vulnerable: < 11.14.2
Unaffected: >= 11.14.2
Architectures: All supported architectures
Multiple unspecified vulnerabilities have been discovered in Asterisk.
Please review the CVE identifiers referenced below for details.
Unauthenticated remote attackers can cause Denial of Service or bypass
intended ACL restrictions. Authenticated remote attackers can gain
There is no known workaround at this time.
All asterisk users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/asterisk-11.14.2"
Last edited by GLSA on Thu Jun 18, 2015 4:16 am; edited 1 time in total