DSA-2367-1 asterisk -- several issuesID: oval:org.secpod.oval:def:600682 | Date: (C)2012-01-30 (M)2022-10-10 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in Asterisk, an Open Source PBX and telephony toolkit: CVE-2011-4597 Ben Williams discovered that it was possible to enumerate SIP user names in some configurations. Please see README.Debian for more information on how to update your installation. CVE-2011-4598 Kristijan Vrban discovered that Asterisk can be crashed with malformed SIP packets if the "automon" feature is enabled.
Platform: |
Debian 5.0 |
Debian 6.0 |