DSA-2225-1 asterisk -- several issuesID: oval:org.secpod.oval:def:600240 | Date: (C)2011-04-27 (M)2022-10-10 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in Asterisk, an Open Source PBX and telephony toolkit. CVE-2011-1147 Matthew Nicholson discovered that incorrect handling of UDPTL packets may lead to denial of service of the execution of arbitrary code. CVE-2011-1174 Blake Cornell discovered that incorrect connection handling in the manager interface may lead to denial of service. CVE-2011-1175 Blake Cornell and Chris May discovered that incorrect TCP connection handling may lead to denial of service. CVE-2011-1507 Tzafrir Cohen discovered that insufficient limitation of connection requests in several TCP based services may lead to denial of service. CVE-2011-1599 Matthew Nicholson discovered a privilege escalation vulnerability in the manager interface.
Platform: |
Debian 5.0 |
Debian 6.0 |