Download
| Alert*
oval:org.secpod.oval:def:1800155
CVE-2017-14098: Remote Crash Vulnerability in res_pjsip Fixed In Version: asterisk 13.17.1, asterisk 14.6.1 oval:org.secpod.oval:def:1800000 A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. Reference oval:org.secpod.oval:def:1900271 In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before13.13-cert5, unauthorized command execution is possible. The app_minivmmodule has an "externnotify" program configuration option that is executed by the MinivmNot ... oval:org.secpod.oval:def:44779 CVE-2017-14099: Media takeover in RTP stack Fixed In Version:¶ asterisk 13.17.1, asterisk 14.6.1 oval:org.secpod.oval:def:53128 Multiple vulnerabilities have been discovered in Asterisk, an open source PBX and telephony toolkit, which may result in disclosure of RTP connections or the execution of arbitrary shell commands oval:org.secpod.oval:def:603089 Multiple vulnerabilities have been discovered in Asterisk, an open source PBX and telephony toolkit, which may result in disclosure of RTP connections or the execution of arbitrary shell commands |