ID OPENVAS:71364 Type openvas Reporter Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com Modified 2017-04-19T00:00:00
Description
The remote host is missing an update to the system
as announced in the referenced advisory.
#
#VID 359f615d-a9e1-11e1-8a66-14dae9ebcf89
# OpenVAS Vulnerability Test
# $
# Description: Auto generated from VID 359f615d-a9e1-11e1-8a66-14dae9ebcf89
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "The following packages are affected:
asterisk16
asterisk18
asterisk10";
tag_solution = "Update your system with the appropriate patches or
software upgrades.
http://downloads.digium.com/pub/security/AST-2012-007.html
http://downloads.digium.com/pub/security/AST-2012-008.html
https://www.asterisk.org/security
http://www.vuxml.org/freebsd/359f615d-a9e1-11e1-8a66-14dae9ebcf89.html";
tag_summary = "The remote host is missing an update to the system
as announced in the referenced advisory.";
if(description)
{
script_id(71364);
script_cve_id("CVE-2012-2947", "CVE-2012-2948");
script_tag(name:"cvss_base", value:"4.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:N/I:N/A:P");
script_version("$Revision: 5977 $");
script_tag(name:"last_modification", value:"$Date: 2017-04-19 11:02:22 +0200 (Wed, 19 Apr 2017) $");
script_tag(name:"creation_date", value:"2012-05-31 11:53:50 -0400 (Thu, 31 May 2012)");
script_name("FreeBSD Ports: asterisk16");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsdrel", "login/SSH/success");
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-bsd.inc");
vuln = 0;
txt = "";
bver = portver(pkg:"asterisk16");
if(!isnull(bver) && revcomp(a:bver, b:"1.6")>0 && revcomp(a:bver, b:"1.6.2.24")<=0) {
txt += "Package asterisk16 version " + bver + " is installed which is known to be vulnerable.\n";
vuln = 1;
}
bver = portver(pkg:"asterisk18");
if(!isnull(bver) && revcomp(a:bver, b:"1.8")>0 && revcomp(a:bver, b:"1.8.12.1")<0) {
txt += "Package asterisk18 version " + bver + " is installed which is known to be vulnerable.\n";
vuln = 1;
}
bver = portver(pkg:"asterisk10");
if(!isnull(bver) && revcomp(a:bver, b:"10")>0 && revcomp(a:bver, b:"10.4.1")<0) {
txt += "Package asterisk10 version " + bver + " is installed which is known to be vulnerable.\n";
vuln = 1;
}
if(vuln) {
security_message(data:string(txt ));
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"id": "OPENVAS:71364", "type": "openvas", "bulletinFamily": "scanner", "title": "FreeBSD Ports: asterisk16", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2012-05-31T00:00:00", "modified": "2017-04-19T00:00:00", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=71364", "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2012-2948", "CVE-2012-2947"], "lastseen": "2017-07-02T21:10:41", "viewCount": 0, "enchantments": {"score": {"value": 6.0, "vector": "NONE", "modified": "2017-07-02T21:10:41", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-2947", "CVE-2012-2948"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-201206-05.NASL", "FEDORA_2012-8692.NASL", "ASTERISK_AST_2012_008.NASL", "ASTERISK_AST_2012_007.NASL", "FEDORA_2012-8670.NASL", "FREEBSD_PKG_359F615DA9E111E18A6614DAE9EBCF89.NASL", "FEDORA_2012-8685.NASL", "DEBIAN_DSA-2493.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:864464", "OPENVAS:71471", "OPENVAS:136141256231071572", "OPENVAS:136141256231071364", "OPENVAS:136141256231071471", "OPENVAS:864473", "OPENVAS:864417", "OPENVAS:71572", "OPENVAS:1361412562310864473", "OPENVAS:1361412562310864464"]}, {"type": "freebsd", "idList": ["359F615D-A9E1-11E1-8A66-14DAE9EBCF89"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28097", "SECURITYVULNS:DOC:28098", "SECURITYVULNS:VULN:12393"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2493-1:09782"]}, {"type": "gentoo", "idList": ["GLSA-201206-05"]}], "modified": "2017-07-02T21:10:41", "rev": 2}, "vulnersScore": 6.0}, "pluginID": "71364", "sourceData": "#\n#VID 359f615d-a9e1-11e1-8a66-14dae9ebcf89\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 359f615d-a9e1-11e1-8a66-14dae9ebcf89\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n asterisk16\n asterisk18\n asterisk10\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://downloads.digium.com/pub/security/AST-2012-007.html\nhttp://downloads.digium.com/pub/security/AST-2012-008.html\nhttps://www.asterisk.org/security\nhttp://www.vuxml.org/freebsd/359f615d-a9e1-11e1-8a66-14dae9ebcf89.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(71364);\n script_cve_id(\"CVE-2012-2947\", \"CVE-2012-2948\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_version(\"$Revision: 5977 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-19 11:02:22 +0200 (Wed, 19 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-31 11:53:50 -0400 (Thu, 31 May 2012)\");\n script_name(\"FreeBSD Ports: asterisk16\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"asterisk16\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.6\")>0 && revcomp(a:bver, b:\"1.6.2.24\")<=0) {\n txt += \"Package asterisk16 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"asterisk18\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8\")>0 && revcomp(a:bver, b:\"1.8.12.1\")<0) {\n txt += \"Package asterisk18 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"asterisk10\");\nif(!isnull(bver) && revcomp(a:bver, b:\"10\")>0 && revcomp(a:bver, b:\"10.4.1\")<0) {\n txt += \"Package asterisk10 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "FreeBSD Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T05:59:50", "description": "chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1, when a certain mohinterpret setting is enabled, allows remote attackers to cause a denial of service (daemon crash) by placing a call on hold.", "edition": 4, "cvss3": {}, "published": "2012-06-02T15:55:00", "title": "CVE-2012-2947", "type": "cve", "cwe": ["CWE-284"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2947"], "modified": "2017-11-13T16:44:00", "cpe": ["cpe:/a:digium:asterisk:1.8.10.1", "cpe:/a:digium:asterisk:10.2.1", "cpe:/a:digium:certified_asterisk:1.8.11", "cpe:/a:digium:asterisk:1.8.8.1", "cpe:/a:digium:asterisk:1.8.4.1", "cpe:/o:debian:debian_linux:6.0", "cpe:/a:digium:asterisk:1.8.11.0", "cpe:/a:digium:asterisk:10.1.3", "cpe:/a:digium:asterisk:1.8.3.1", "cpe:/a:digium:asterisk:10.3.0", "cpe:/a:digium:asterisk:1.8.0", "cpe:/a:digium:asterisk:1.8.11.1", "cpe:/a:digium:asterisk:1.8.4.2", "cpe:/a:digium:asterisk:1.8.2.3", "cpe:/a:digium:asterisk:1.8.2.1", "cpe:/a:digium:asterisk:1.8.12.0", "cpe:/a:digium:asterisk:1.8.9.2", "cpe:/a:digium:asterisk:1.8.6.0", "cpe:/a:digium:asterisk:1.8.5", "cpe:/a:digium:asterisk:1.8.9.3", "cpe:/a:digium:asterisk:1.8.7.0", "cpe:/a:digium:asterisk:1.8.5.0", "cpe:/a:digium:asterisk:10.3.1", "cpe:/a:digium:asterisk:1.8.4.3", "cpe:/a:digium:asterisk:1.8.4.4", "cpe:/a:digium:asterisk:1.8.12", "cpe:/a:digium:asterisk:1.8.2.4", "cpe:/a:digium:asterisk:10.1.0", "cpe:/a:digium:asterisk:1.8.9.0", "cpe:/a:digium:asterisk:1.8.8.0", "cpe:/a:digium:asterisk:1.8.8.2", "cpe:/a:digium:asterisk:1.8.2.2", "cpe:/a:digium:asterisk:1.8.1.1", "cpe:/a:digium:asterisk:10.0.0", "cpe:/a:digium:asterisk:10.4.0", "cpe:/a:digium:asterisk:10.0.1", "cpe:/a:digium:asterisk:1.8.3.3", "cpe:/a:digium:asterisk:1.8.4", "cpe:/a:digium:asterisk:1.8.3.2", "cpe:/a:digium:asterisk:1.8.1.2", "cpe:/a:digium:asterisk:10.2.0", "cpe:/a:digium:asterisk:1.8.2", "cpe:/a:digium:asterisk:1.8.1", "cpe:/a:digium:asterisk:1.8.3", "cpe:/a:digium:asterisk:1.8.7.1", "cpe:/a:digium:asterisk:1.8.9.1", "cpe:/a:digium:asterisk:1.8.10.0", "cpe:/a:digium:asterisk:10.1.1", "cpe:/a:digium:asterisk:10.1.2"], "id": "CVE-2012-2947", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2947", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:digium:asterisk:1.8.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:1.8.11:cert:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.8.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.1.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.10.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.11.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.8.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.6.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.10.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.8.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.12:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.12.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:certified_asterisk:1.8.11:cert1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.4.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.12.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.10.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.2.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.10.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.9.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.9.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.8.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.12.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.4:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.11.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:10.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:digium:asterisk:1.8.9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:59:50", "description": "chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by closing a connection in off-hook mode.", "edition": 6, "cvss3": {}, "published": "2012-06-02T15:55:00", "title": "CVE-2012-2948", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2948"], "modified": "2017-08-29T01:31:00", "cpe": ["cpe:/a:asterisk:open_source:1.8.3", "cpe:/a:asterisk:certified_asterisk:1.8.11", "cpe:/a:asterisk:open_source:10.3.0", "cpe:/a:asterisk:open_source:1.8.12.0", "cpe:/a:asterisk:open_source:1.8.7.0", "cpe:/a:asterisk:open_source:1.8.0", "cpe:/a:asterisk:open_source:1.8.8.0", "cpe:/a:asterisk:open_source:10.3", "cpe:/a:asterisk:open_source:1.8.2", "cpe:/a:asterisk:open_source:1.8.12", "cpe:/a:asterisk:open_source:10.4.0", "cpe:/a:asterisk:open_source:1.8.11.0", "cpe:/a:asterisk:open_source:1.8.5", "cpe:/a:asterisk:open_source:10.1.0", "cpe:/a:asterisk:open_source:1.8.9.0", "cpe:/a:asterisk:open_source:10.2.0", "cpe:/a:asterisk:open_source:1.8.1", "cpe:/a:asterisk:open_source:1.8.6.0", "cpe:/a:asterisk:open_source:10.0.0", "cpe:/a:asterisk:open_source:1.8.10.0", "cpe:/a:asterisk:open_source:1.8.5.0"], "id": "CVE-2012-2948", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2948", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:asterisk:open_source:1.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.1.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.3:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.12:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.4.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.2.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:10.1.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:38:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2948", "CVE-2012-2947"], "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "modified": "2018-10-05T00:00:00", "published": "2012-05-31T00:00:00", "id": "OPENVAS:136141256231071364", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071364", "type": "openvas", "title": "FreeBSD Ports: asterisk16", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_asterisk161.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 359f615d-a9e1-11e1-8a66-14dae9ebcf89\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71364\");\n script_cve_id(\"CVE-2012-2947\", \"CVE-2012-2948\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-31 11:53:50 -0400 (Thu, 31 May 2012)\");\n script_name(\"FreeBSD Ports: asterisk16\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n asterisk16\n asterisk18\n asterisk10\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://downloads.digium.com/pub/security/AST-2012-007.html\");\n script_xref(name:\"URL\", value:\"http://downloads.digium.com/pub/security/AST-2012-008.html\");\n script_xref(name:\"URL\", value:\"https://www.asterisk.org/security\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/359f615d-a9e1-11e1-8a66-14dae9ebcf89.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"asterisk16\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.6\")>0 && revcomp(a:bver, b:\"1.6.2.24\")<=0) {\n txt += \"Package asterisk16 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"asterisk18\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8\")>0 && revcomp(a:bver, b:\"1.8.12.1\")<0) {\n txt += \"Package asterisk18 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\nbver = portver(pkg:\"asterisk10\");\nif(!isnull(bver) && revcomp(a:bver, b:\"10\")>0 && revcomp(a:bver, b:\"10.4.1\")<0) {\n txt += \"Package asterisk10 version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:51:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2948", "CVE-2011-2666", "CVE-2012-2947"], "description": "The remote host is missing an update to asterisk\nannounced via advisory DSA 2493-1.", "modified": "2017-07-07T00:00:00", "published": "2012-08-10T00:00:00", "id": "OPENVAS:71471", "href": "http://plugins.openvas.org/nasl.php?oid=71471", "type": "openvas", "title": "Debian Security Advisory DSA 2493-1 (asterisk)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2493_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2493-1 (asterisk)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities were discovered in Asterisk, a PBX and\ntelephony toolkit.\n\nCVE-2012-2947\nThe IAX2 channel driver allows remote attackers to cause a\ndenial of service (daemon crash) by placing a call on hold\n(when a certain mohinterpret setting is enabled).\n\nCVE-2012-2948\nThe Skinny channel driver allows remote authenticated users to\ncause a denial of service (NULL pointer dereference and daemon\ncrash) by closing a connection in off-hook mode.\n\nIn addition, it was discovered that Asterisk does not set the\nalwaysauthreject option by default in the SIP channel driver. This\nallows remote attackers to observe a difference in response behavior\nand check for the presence of account names. (CVE-2011-2666) System\nadministrators concerned by this user enumerating vulnerability should\nenable the alwaysauthreject option in the configuration. We do not\nplan to change the default setting in the stable version\n(Asterisk 1.6) in order to preserve backwards compatibility.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.6.2.9-2+squeeze6.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 1:1.8.13.0~dfsg-1.\n\nWe recommend that you upgrade your asterisk packages.\";\ntag_summary = \"The remote host is missing an update to asterisk\nannounced via advisory DSA 2493-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202493-1\";\n\nif(description)\n{\n script_id(71471);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-2947\", \"CVE-2012-2948\", \"CVE-2011-2666\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:05:29 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2493-1 (asterisk)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"asterisk\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-config\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dbg\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dev\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-doc\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-h323\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-sounds-main\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-config\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dahdi\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dbg\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dev\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-doc\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-mobile\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-modules\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-mp3\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-mysql\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-ooh323\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-voicemail\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-voicemail-imapstorage\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-voicemail-odbcstorage\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2948", "CVE-2011-2666", "CVE-2012-2947"], "description": "The remote host is missing an update to asterisk\nannounced via advisory DSA 2493-1.", "modified": "2019-03-18T00:00:00", "published": "2012-08-10T00:00:00", "id": "OPENVAS:136141256231071471", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071471", "type": "openvas", "title": "Debian Security Advisory DSA 2493-1 (asterisk)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2493_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2493-1 (asterisk)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71471\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-2947\", \"CVE-2012-2948\", \"CVE-2011-2666\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:05:29 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Debian Security Advisory DSA 2493-1 (asterisk)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202493-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in Asterisk, a PBX and\ntelephony toolkit.\n\nCVE-2012-2947\nThe IAX2 channel driver allows remote attackers to cause a\ndenial of service (daemon crash) by placing a call on hold\n(when a certain mohinterpret setting is enabled).\n\nCVE-2012-2948\nThe Skinny channel driver allows remote authenticated users to\ncause a denial of service (NULL pointer dereference and daemon\ncrash) by closing a connection in off-hook mode.\n\nIn addition, it was discovered that Asterisk does not set the\nalwaysauthreject option by default in the SIP channel driver. This\nallows remote attackers to observe a difference in response behavior\nand check for the presence of account names. (CVE-2011-2666) System\nadministrators concerned by this user enumerating vulnerability should\nenable the alwaysauthreject option in the configuration. We do not\nplan to change the default setting in the stable version\n(Asterisk 1.6) in order to preserve backwards compatibility.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.6.2.9-2+squeeze6.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 1:1.8.13.0~dfsg-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your asterisk packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to asterisk\nannounced via advisory DSA 2493-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"asterisk\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-config\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dbg\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dev\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-doc\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-h323\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-sounds-main\", ver:\"1:1.6.2.9-2+squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-config\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dahdi\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dbg\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dev\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-doc\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-mobile\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-modules\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-mp3\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-mysql\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-ooh323\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-voicemail\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-voicemail-imapstorage\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-voicemail-odbcstorage\", ver:\"1:1.8.13.0~dfsg-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2948", "CVE-2012-2416", "CVE-2012-2414", "CVE-2012-2415", "CVE-2012-2947"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-05.", "modified": "2018-10-12T00:00:00", "published": "2012-08-10T00:00:00", "id": "OPENVAS:136141256231071572", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071572", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-05 (Asterisk)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201206_05.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71572\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2012-2414\", \"CVE-2012-2415\", \"CVE-2012-2416\", \"CVE-2012-2947\", \"CVE-2012-2948\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:55 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-05 (Asterisk)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities in Asterisk might allow remote attackers\nto execute arbitrary code.\");\n script_tag(name:\"solution\", value:\"All Asterisk users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.8.12.1'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-05\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=413353\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=418189\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=418191\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201206-05.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-misc/asterisk\", unaffected: make_list(\"ge 1.8.12.1\"), vulnerable: make_list(\"lt 1.8.12.1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:50:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2948", "CVE-2012-2416", "CVE-2012-2414", "CVE-2012-2415", "CVE-2012-2947"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-05.", "modified": "2017-07-07T00:00:00", "published": "2012-08-10T00:00:00", "id": "OPENVAS:71572", "href": "http://plugins.openvas.org/nasl.php?oid=71572", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-05 (Asterisk)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities in Asterisk might allow remote attackers\nto execute arbitrary code.\";\ntag_solution = \"All Asterisk users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.8.12.1'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-05\nhttp://bugs.gentoo.org/show_bug.cgi?id=413353\nhttp://bugs.gentoo.org/show_bug.cgi?id=418189\nhttp://bugs.gentoo.org/show_bug.cgi?id=418191\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201206-05.\";\n\n \n \nif(description)\n{\n script_id(71572);\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2012-2414\", \"CVE-2012-2415\", \"CVE-2012-2416\", \"CVE-2012-2947\", \"CVE-2012-2948\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:55 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-05 (Asterisk)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-misc/asterisk\", unaffected: make_list(\"ge 1.8.12.1\"), vulnerable: make_list(\"lt 1.8.12.1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-03T10:57:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2947"], "description": "Check for the Version of asterisk", "modified": "2018-01-03T00:00:00", "published": "2012-08-30T00:00:00", "id": "OPENVAS:864417", "href": "http://plugins.openvas.org/nasl.php?oid=864417", "type": "openvas", "title": "Fedora Update for asterisk FEDORA-2012-8670", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for asterisk FEDORA-2012-8670\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"asterisk on Fedora 17\";\ntag_insight = \"Asterisk is a complete PBX in software. It runs on Linux and provides\n all of the features you would expect from a PBX and more. Asterisk\n does voice over IP in three protocols, and can interoperate with\n almost all standards-based telephony equipment using relatively\n inexpensive hardware.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082077.html\");\n script_id(864417);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:09:02 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2947\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-8670\");\n script_name(\"Fedora Update for asterisk FEDORA-2012-8670\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of asterisk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~10.4.2~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2947"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-06-19T00:00:00", "id": "OPENVAS:1361412562310864473", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864473", "type": "openvas", "title": "Fedora Update for asterisk FEDORA-2012-8685", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for asterisk FEDORA-2012-8685\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082336.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864473\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:40:41 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2012-2947\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-8685\");\n script_name(\"Fedora Update for asterisk FEDORA-2012-8685\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'asterisk'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"asterisk on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.8.12.2~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2947"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-08-30T00:00:00", "id": "OPENVAS:1361412562310864417", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864417", "type": "openvas", "title": "Fedora Update for asterisk FEDORA-2012-8670", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for asterisk FEDORA-2012-8670\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082077.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864417\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 10:09:02 +0530 (Thu, 30 Aug 2012)\");\n script_cve_id(\"CVE-2012-2947\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-8670\");\n script_name(\"Fedora Update for asterisk FEDORA-2012-8670\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'asterisk'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"asterisk on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~10.4.2~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-11T11:07:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2947"], "description": "Check for the Version of asterisk", "modified": "2018-01-10T00:00:00", "published": "2012-06-19T00:00:00", "id": "OPENVAS:864464", "href": "http://plugins.openvas.org/nasl.php?oid=864464", "type": "openvas", "title": "Fedora Update for asterisk FEDORA-2012-8692", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for asterisk FEDORA-2012-8692\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"asterisk on Fedora 16\";\ntag_insight = \"Asterisk is a complete PBX in software. It runs on Linux and provides\n all of the features you would expect from a PBX and more. Asterisk\n does voice over IP in three protocols, and can interoperate with\n almost all standards-based telephony equipment using relatively\n inexpensive hardware.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082333.html\");\n script_id(864464);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:37:54 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2012-2947\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-8692\");\n script_name(\"Fedora Update for asterisk FEDORA-2012-8692\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of asterisk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.8.12.2~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2947"], "description": "Check for the Version of asterisk", "modified": "2017-12-26T00:00:00", "published": "2012-06-19T00:00:00", "id": "OPENVAS:864473", "href": "http://plugins.openvas.org/nasl.php?oid=864473", "type": "openvas", "title": "Fedora Update for asterisk FEDORA-2012-8685", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for asterisk FEDORA-2012-8685\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"asterisk on Fedora 15\";\ntag_insight = \"Asterisk is a complete PBX in software. It runs on Linux and provides\n all of the features you would expect from a PBX and more. Asterisk\n does voice over IP in three protocols, and can interoperate with\n almost all standards-based telephony equipment using relatively\n inexpensive hardware.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082336.html\");\n script_id(864473);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:40:41 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2012-2947\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-8685\");\n script_name(\"Fedora Update for asterisk FEDORA-2012-8685\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of asterisk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.8.12.2~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T10:41:14", "description": "Asterisk project reports :\n\nRemote crash vulnerability in IAX2 channel driver.\n\nSkinny Channel Driver Remote Crash Vulnerability", "edition": 21, "published": "2012-05-30T00:00:00", "title": "FreeBSD : asterisk -- multiple vulnerabilities (359f615d-a9e1-11e1-8a66-14dae9ebcf89)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2948", "CVE-2012-2947"], "modified": "2012-05-30T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:asterisk10", "p-cpe:/a:freebsd:freebsd:asterisk16", "p-cpe:/a:freebsd:freebsd:asterisk18"], "id": "FREEBSD_PKG_359F615DA9E111E18A6614DAE9EBCF89.NASL", "href": "https://www.tenable.com/plugins/nessus/59302", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59302);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-2947\", \"CVE-2012-2948\");\n\n script_name(english:\"FreeBSD : asterisk -- multiple vulnerabilities (359f615d-a9e1-11e1-8a66-14dae9ebcf89)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Asterisk project reports :\n\nRemote crash vulnerability in IAX2 channel driver.\n\nSkinny Channel Driver Remote Crash Vulnerability\"\n );\n # http://downloads.digium.com/pub/security/AST-2012-007.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://downloads.digium.com/pub/security/AST-2012-007.html\"\n );\n # http://downloads.digium.com/pub/security/AST-2012-008.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://downloads.digium.com/pub/security/AST-2012-008.html\"\n );\n # https://www.asterisk.org/security\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.asterisk.org/downloads/security-advisories\"\n );\n # https://vuxml.freebsd.org/freebsd/359f615d-a9e1-11e1-8a66-14dae9ebcf89.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?57bdeb4f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:asterisk10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:asterisk16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:asterisk18\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"asterisk16>1.6.*<=1.6.2.24\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"asterisk18>1.8.*<1.8.12.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"asterisk10>10.*<10.4.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T09:47:31", "description": "Several vulnerabilities were discovered in Asterisk, a PBX and\ntelephony toolkit.\n\n - CVE-2012-2947\n The IAX2 channel driver allows remote attackers to cause\n a denial of service (daemon crash) by placing a call on\n hold (when a certain mohinterpret setting is enabled).\n\n - CVE-2012-2948\n The Skinny channel driver allows remote authenticated\n users to cause a denial of service (NULL pointer\n dereference and daemon crash) by closing a connection in\n off-hook mode.\n\nIn addition, it was discovered that Asterisk does not set the\nalwaysauthreject option by default in the SIP channel driver. This\nallows remote attackers to observe a difference in response behavior\nand check for the presence of account names. (CVE-2011-2666 ) System\nadministrators concerned by this user enumerating vulnerability should\nenable the alwaysauthreject option in the configuration. We do not\nplan to change the default setting in the stable version (Asterisk\n1.6) in order to preserve backwards compatibility.", "edition": 16, "published": "2012-06-29T00:00:00", "title": "Debian DSA-2493-1 : asterisk - denial of service", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2948", "CVE-2011-2666", "CVE-2012-2947"], "modified": "2012-06-29T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:asterisk"], "id": "DEBIAN_DSA-2493.NASL", "href": "https://www.tenable.com/plugins/nessus/59771", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2493. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59771);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2947\", \"CVE-2012-2948\");\n script_bugtraq_id(53722, 53723);\n script_xref(name:\"DSA\", value:\"2493\");\n\n script_name(english:\"Debian DSA-2493-1 : asterisk - denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in Asterisk, a PBX and\ntelephony toolkit.\n\n - CVE-2012-2947\n The IAX2 channel driver allows remote attackers to cause\n a denial of service (daemon crash) by placing a call on\n hold (when a certain mohinterpret setting is enabled).\n\n - CVE-2012-2948\n The Skinny channel driver allows remote authenticated\n users to cause a denial of service (NULL pointer\n dereference and daemon crash) by closing a connection in\n off-hook mode.\n\nIn addition, it was discovered that Asterisk does not set the\nalwaysauthreject option by default in the SIP channel driver. This\nallows remote attackers to observe a difference in response behavior\nand check for the presence of account names. (CVE-2011-2666 ) System\nadministrators concerned by this user enumerating vulnerability should\nenable the alwaysauthreject option in the configuration. We do not\nplan to change the default setting in the stable version (Asterisk\n1.6) in order to preserve backwards compatibility.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=675204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=675210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-2947\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-2948\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/asterisk\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2493\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the asterisk packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.6.2.9-2+squeeze6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"asterisk\", reference:\"1:1.6.2.9-2+squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk-config\", reference:\"1:1.6.2.9-2+squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk-dbg\", reference:\"1:1.6.2.9-2+squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk-dev\", reference:\"1:1.6.2.9-2+squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk-doc\", reference:\"1:1.6.2.9-2+squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk-h323\", reference:\"1:1.6.2.9-2+squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk-sounds-main\", reference:\"1:1.6.2.9-2+squeeze6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:54:14", "description": "The remote host is affected by the vulnerability described in GLSA-201206-05\n(Asterisk: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been found in Asterisk:\n An error in manager.c allows shell access through the MixMonitor\n application, GetVar, or Status (CVE-2012-2414).\n An error in chan_skinny.c could cause a heap-based buffer overflow\n (CVE-2012-2415).\n An error in chan_sip.c prevents Asterisk from checking if a channel\n exists before connected line updates (CVE-2012-2416).\n An error in chan_iax2.c may cause an invalid pointer to be called\n (CVE-2012-2947).\n chan_skinny.c contains a NULL pointer dereference (CVE-2012-2948).\n \nImpact :\n\n A remote attacker could execute arbitrary code with the privileges of\n the process or cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 21, "published": "2012-06-21T00:00:00", "title": "GLSA-201206-05 : Asterisk: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2948", "CVE-2012-2416", "CVE-2012-2414", "CVE-2012-2415", "CVE-2012-2947"], "modified": "2012-06-21T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:asterisk"], "id": "GENTOO_GLSA-201206-05.NASL", "href": "https://www.tenable.com/plugins/nessus/59633", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201206-05.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59633);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-2414\", \"CVE-2012-2415\", \"CVE-2012-2416\", \"CVE-2012-2947\", \"CVE-2012-2948\");\n script_bugtraq_id(53205, 53206, 53210, 53722, 53723);\n script_xref(name:\"GLSA\", value:\"201206-05\");\n\n script_name(english:\"GLSA-201206-05 : Asterisk: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201206-05\n(Asterisk: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been found in Asterisk:\n An error in manager.c allows shell access through the MixMonitor\n application, GetVar, or Status (CVE-2012-2414).\n An error in chan_skinny.c could cause a heap-based buffer overflow\n (CVE-2012-2415).\n An error in chan_sip.c prevents Asterisk from checking if a channel\n exists before connected line updates (CVE-2012-2416).\n An error in chan_iax2.c may cause an invalid pointer to be called\n (CVE-2012-2947).\n chan_skinny.c contains a NULL pointer dereference (CVE-2012-2948).\n \nImpact :\n\n A remote attacker could execute arbitrary code with the privileges of\n the process or cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201206-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Asterisk users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.8.12.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/asterisk\", unaffected:make_list(\"ge 1.8.12.1\"), vulnerable:make_list(\"lt 1.8.12.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Asterisk\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:10:41", "description": "The Asterisk Development Team has announced the release of Asterisk\n1.8.12.2. This release is available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk\n\nThe release of Asterisk 1.8.12.2 resolves an issue reported by the\ncommunity and would have not been possible without your participation.\nThank you!\n\nThe following is the issue resolved in this release :\n\n - --- Resolve crash in subscribing for MWI notifications\n (Closes issue ASTERISK-19827. Reported by B. R)\n\nFor a full list of changes in this release, please see the ChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.12.\n2\n\nThe Asterisk Development Team has announced security releases for\nCertified Asterisk 1.8.11 and Asterisk 1.8 and 10. The available\nsecurity releases are released as versions 1.8.11-cert2, 1.8.12.1, and\n10.4.1.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe release of Asterisk 1.8.11-cert2, 1.8.12.1, and 10.4.1 resolve the\nfollowing two issues :\n\n - A remotely exploitable crash vulnerability exists in the\n IAX2 channel driver if an established call is placed on\n hold without a suggested music class. Asterisk will\n attempt to use an invalid pointer to the music on hold\n class name, potentially causing a crash.\n\n - A remotely exploitable crash vulnerability was found in\n the Skinny (SCCP) Channel driver. When an SCCP client\n closes its connection to the server, a pointer in a\n structure is set to NULL. If the client was not in the\n on-hook state at the time the connection was closed,\n this pointer is later dereferenced. This allows remote\n authenticated connections the ability to cause a crash\n in the server, denying services to legitimate users.\n\nThese issues and their resolution are described in the security\nadvisories.\n\nFor more information about the details of these vulnerabilities,\nplease read security advisories AST-2012-007 and AST-2012-008, which\nwere released at the same time as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLogs :\n\nhttp://downloads.asterisk.org/pub/telephony/certified-asterisk/release\ns/ChangeLog-1.8.11-cert2\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.12.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-10.4.1\n\nThe security advisories are available at :\n\n -\n http://downloads.asterisk.org/pub/security/AST-2012-007.\n pdf\n\n -\n http://downloads.asterisk.org/pub/security/AST-2012-00\n 8.pdf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "published": "2012-06-18T00:00:00", "title": "Fedora 15 : asterisk-1.8.12.2-1.fc15 (2012-8685)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2947"], "modified": "2012-06-18T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:15", "p-cpe:/a:fedoraproject:fedora:asterisk"], "id": "FEDORA_2012-8685.NASL", "href": "https://www.tenable.com/plugins/nessus/59532", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-8685.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59532);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2947\");\n script_bugtraq_id(53722);\n script_xref(name:\"FEDORA\", value:\"2012-8685\");\n\n script_name(english:\"Fedora 15 : asterisk-1.8.12.2-1.fc15 (2012-8685)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Asterisk Development Team has announced the release of Asterisk\n1.8.12.2. This release is available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk\n\nThe release of Asterisk 1.8.12.2 resolves an issue reported by the\ncommunity and would have not been possible without your participation.\nThank you!\n\nThe following is the issue resolved in this release :\n\n - --- Resolve crash in subscribing for MWI notifications\n (Closes issue ASTERISK-19827. Reported by B. R)\n\nFor a full list of changes in this release, please see the ChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.12.\n2\n\nThe Asterisk Development Team has announced security releases for\nCertified Asterisk 1.8.11 and Asterisk 1.8 and 10. The available\nsecurity releases are released as versions 1.8.11-cert2, 1.8.12.1, and\n10.4.1.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe release of Asterisk 1.8.11-cert2, 1.8.12.1, and 10.4.1 resolve the\nfollowing two issues :\n\n - A remotely exploitable crash vulnerability exists in the\n IAX2 channel driver if an established call is placed on\n hold without a suggested music class. Asterisk will\n attempt to use an invalid pointer to the music on hold\n class name, potentially causing a crash.\n\n - A remotely exploitable crash vulnerability was found in\n the Skinny (SCCP) Channel driver. When an SCCP client\n closes its connection to the server, a pointer in a\n structure is set to NULL. If the client was not in the\n on-hook state at the time the connection was closed,\n this pointer is later dereferenced. This allows remote\n authenticated connections the ability to cause a crash\n in the server, denying services to legitimate users.\n\nThese issues and their resolution are described in the security\nadvisories.\n\nFor more information about the details of these vulnerabilities,\nplease read security advisories AST-2012-007 and AST-2012-008, which\nwere released at the same time as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLogs :\n\nhttp://downloads.asterisk.org/pub/telephony/certified-asterisk/release\ns/ChangeLog-1.8.11-cert2\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.12.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-10.4.1\n\nThe security advisories are available at :\n\n -\n http://downloads.asterisk.org/pub/security/AST-2012-007.\n pdf\n\n -\n http://downloads.asterisk.org/pub/security/AST-2012-00\n 8.pdf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2012-007.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2012-008.pdf\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.12.2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3c92157b\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/releases/\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.12.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?01547647\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.4.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0ef88683\"\n );\n # http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8f897510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=826474\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082336.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?df03be2f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected asterisk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"asterisk-1.8.12.2-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:10:41", "description": "The Asterisk Development Team has announced the release of Asterisk\n1.8.12.2. This release is available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk\n\nThe release of Asterisk 1.8.12.2 resolves an issue reported by the\ncommunity and would have not been possible without your participation.\nThank you!\n\nThe following is the issue resolved in this release :\n\n - --- Resolve crash in subscribing for MWI notifications\n (Closes issue ASTERISK-19827. Reported by B. R)\n\nFor a full list of changes in this release, please see the ChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.12.\n2\n\nThe Asterisk Development Team has announced security releases for\nCertified Asterisk 1.8.11 and Asterisk 1.8 and 10. The available\nsecurity releases are released as versions 1.8.11-cert2, 1.8.12.1, and\n10.4.1.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe release of Asterisk 1.8.11-cert2, 1.8.12.1, and 10.4.1 resolve the\nfollowing two issues :\n\n - A remotely exploitable crash vulnerability exists in the\n IAX2 channel driver if an established call is placed on\n hold without a suggested music class. Asterisk will\n attempt to use an invalid pointer to the music on hold\n class name, potentially causing a crash.\n\n - A remotely exploitable crash vulnerability was found in\n the Skinny (SCCP) Channel driver. When an SCCP client\n closes its connection to the server, a pointer in a\n structure is set to NULL. If the client was not in the\n on-hook state at the time the connection was closed,\n this pointer is later dereferenced. This allows remote\n authenticated connections the ability to cause a crash\n in the server, denying services to legitimate users.\n\nThese issues and their resolution are described in the security\nadvisories.\n\nFor more information about the details of these vulnerabilities,\nplease read security advisories AST-2012-007 and AST-2012-008, which\nwere released at the same time as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLogs :\n\nhttp://downloads.asterisk.org/pub/telephony/certified-asterisk/release\ns/ChangeLog-1.8.11-cert2\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.12.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-10.4.1\n\nThe security advisories are available at :\n\n -\n http://downloads.asterisk.org/pub/security/AST-2012-007.\n pdf\n\n -\n http://downloads.asterisk.org/pub/security/AST-2012-00\n 8.pdf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "published": "2012-06-18T00:00:00", "title": "Fedora 16 : asterisk-1.8.12.2-1.fc16 (2012-8692)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2947"], "modified": "2012-06-18T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:16", "p-cpe:/a:fedoraproject:fedora:asterisk"], "id": "FEDORA_2012-8692.NASL", "href": "https://www.tenable.com/plugins/nessus/59533", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-8692.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59533);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2947\");\n script_bugtraq_id(53722);\n script_xref(name:\"FEDORA\", value:\"2012-8692\");\n\n script_name(english:\"Fedora 16 : asterisk-1.8.12.2-1.fc16 (2012-8692)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Asterisk Development Team has announced the release of Asterisk\n1.8.12.2. This release is available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk\n\nThe release of Asterisk 1.8.12.2 resolves an issue reported by the\ncommunity and would have not been possible without your participation.\nThank you!\n\nThe following is the issue resolved in this release :\n\n - --- Resolve crash in subscribing for MWI notifications\n (Closes issue ASTERISK-19827. Reported by B. R)\n\nFor a full list of changes in this release, please see the ChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.12.\n2\n\nThe Asterisk Development Team has announced security releases for\nCertified Asterisk 1.8.11 and Asterisk 1.8 and 10. The available\nsecurity releases are released as versions 1.8.11-cert2, 1.8.12.1, and\n10.4.1.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe release of Asterisk 1.8.11-cert2, 1.8.12.1, and 10.4.1 resolve the\nfollowing two issues :\n\n - A remotely exploitable crash vulnerability exists in the\n IAX2 channel driver if an established call is placed on\n hold without a suggested music class. Asterisk will\n attempt to use an invalid pointer to the music on hold\n class name, potentially causing a crash.\n\n - A remotely exploitable crash vulnerability was found in\n the Skinny (SCCP) Channel driver. When an SCCP client\n closes its connection to the server, a pointer in a\n structure is set to NULL. If the client was not in the\n on-hook state at the time the connection was closed,\n this pointer is later dereferenced. This allows remote\n authenticated connections the ability to cause a crash\n in the server, denying services to legitimate users.\n\nThese issues and their resolution are described in the security\nadvisories.\n\nFor more information about the details of these vulnerabilities,\nplease read security advisories AST-2012-007 and AST-2012-008, which\nwere released at the same time as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLogs :\n\nhttp://downloads.asterisk.org/pub/telephony/certified-asterisk/release\ns/ChangeLog-1.8.11-cert2\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.12.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-10.4.1\n\nThe security advisories are available at :\n\n -\n http://downloads.asterisk.org/pub/security/AST-2012-007.\n pdf\n\n -\n http://downloads.asterisk.org/pub/security/AST-2012-00\n 8.pdf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2012-007.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2012-008.pdf\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.8.12.2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3c92157b\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/releases/\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.12.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?01547647\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.4.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0ef88683\"\n );\n # http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8f897510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=826474\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082333.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8571432e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected asterisk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"asterisk-1.8.12.2-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-02-01T01:23:57", "description": "According to the version in its SIP banner, the version of Asterisk\nrunning on the remote host is potentially affected by a vulnerability\nthat could allow a remote attacker to crash the server. This issue\ncould be exploited when a call is put on hold and the entity placing\nthe call on hold contains the configuration item 'mohinterpret' set to\nthe value 'passthrough'. An additional requirement is that the call\nis placed on hold with no 'music-on-hold' class name selected.", "edition": 26, "published": "2012-06-14T00:00:00", "title": "Asterisk Remote Crash Vulnerability in IAX2 Channel Driver (AST-2012-007)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2947"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:digium:asterisk"], "id": "ASTERISK_AST_2012_007.NASL", "href": "https://www.tenable.com/plugins/nessus/59503", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59503);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\"CVE-2012-2947\");\n script_bugtraq_id(53722);\n\n script_name(english:\"Asterisk Remote Crash Vulnerability in IAX2 Channel Driver (AST-2012-007)\");\n script_summary(english:\"Checks version in SIP banner.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A telephony application running on the remote host is affected by a\ndenial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version in its SIP banner, the version of Asterisk\nrunning on the remote host is potentially affected by a vulnerability\nthat could allow a remote attacker to crash the server. This issue\ncould be exploited when a call is put on hold and the entity placing\nthe call on hold contains the configuration item 'mohinterpret' set to\nthe value 'passthrough'. An additional requirement is that the call\nis placed on hold with no 'music-on-hold' class name selected.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Asterisk 1.8.12.1 / 10.4.1 / 1.8.11-cert-2 or apply the\npatches listed in the Asterisk advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"see_also\", value:\"https://issues.asterisk.org/jira/browse/ASTERISK-19597\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2012-007.html\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/14\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:digium:asterisk\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"asterisk_detection.nasl\");\n script_require_keys(\"asterisk/sip_detected\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"asterisk/sip_detected\");\n\n# see if we were able to get version info from the Asterisk SIP services\nasterisk_kbs = get_kb_list(\"sip/asterisk/*/version\");\nif (isnull(asterisk_kbs)) exit(1, \"Could not obtain any version information from the Asterisk SIP instance(s).\");\n\n# Prevent potential false positives.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nis_vuln = FALSE;\nnot_vuln_installs = make_list();\nerrors = make_list();\n\nforeach kb_name (keys(asterisk_kbs))\n{\n vulnerable = 0;\n\n matches = eregmatch(pattern:\"/(udp|tcp)/([0-9]+)/version\", string:kb_name);\n if (isnull(matches))\n {\n errors = make_list(errors, \"Unexpected error parsing port number from kb name: \"+kb_name);\n continue;\n }\n\n proto = matches[1];\n port = matches[2];\n version = asterisk_kbs[kb_name];\n\n if (version == 'unknown')\n {\n errors = make_list(errors, \"Unable to obtain version of install on \" + proto + \"/\" + port);\n continue;\n }\n\n banner = get_kb_item(\"sip/asterisk/\" + proto + \"/\" + port + \"/source\");\n if (!banner)\n {\n # We have version but banner is missing; log error\n # and use in version-check though.\n errors = make_list(errors, \"KB item 'sip/asterisk/\" + proto + \"/\" + port + \"/source' is missing\");\n banner = 'unknown';\n }\n\n if (version =~ \"^1\\.8([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"1.8.12.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n else if (version =~ \"^1\\.8\\.11-cert[01]([^0-9]|$)\")\n {\n fixed = \"1.8.11-cert2\";\n vulnerable = -1;\n }\n else if (version =~ \"^10([^0-9]|$)\")\n {\n fixed = \"10.4.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n if (vulnerable < 0)\n {\n is_vuln = TRUE;\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed + '\\n';\n security_note(port:port, proto:proto, extra:report);\n }\n else security_note(port:port, proto:proto);\n }\n else not_vuln_installs = make_list(not_vuln_installs, version + \" on port \" + proto + \"/\" + port);\n}\n\nif (max_index(errors))\n{\n if (max_index(errors) == 1) errmsg = errors[0];\n else errmsg = 'Errors were encountered verifying installs : \\n ' + join(errors, sep:'\\n ');\n\n exit(1, errmsg);\n}\nelse\n{\n installs = max_index(not_vuln_installs);\n if (installs == 0)\n {\n if (is_vuln)\n exit(0);\n else\n audit(AUDIT_NOT_INST, \"Asterisk\");\n }\n else if (installs == 1) audit(AUDIT_INST_VER_NOT_VULN, \"Asterisk \" + not_vuln_installs[0]);\n else exit(0, \"The Asterisk installs (\" + join(not_vuln_installs, sep:\", \") + \") are not affected.\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:10:41", "description": "he Asterisk Development Team has announced the release of Asterisk\n10.4.2. This release is available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk\n\nThe release of Asterisk 10.4.2 resolves several issues reported by the\ncommunity and would have not been possible without your participation.\nThank you!\n\nThe following are the issues resolved in this release :\n\n - --- Resolve crash in subscribing for MWI notifications\n (Closes issue ASTERISK-19827. Reported by B. R)\n\n - --- Fix crash in ConfBridge when user announcement is\n played for more than 2 users (Closes issue\n ASTERISK-19899. Reported by Florian Gilcher)\n\nFor a full list of changes in this release, please see the ChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.4.2\n\nThe Asterisk Development Team has announced security releases for\nCertified Asterisk 1.8.11 and Asterisk 1.8 and 10. The available\nsecurity releases are released as versions 1.8.11-cert2, 1.8.12.1, and\n10.4.1.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe release of Asterisk 1.8.11-cert2, 1.8.12.1, and 10.4.1 resolve the\nfollowing two issues :\n\n - A remotely exploitable crash vulnerability exists in the\n IAX2 channel driver if an established call is placed on\n hold without a suggested music class. Asterisk will\n attempt to use an invalid pointer to the music on hold\n class name, potentially causing a crash.\n\n - A remotely exploitable crash vulnerability was found in\n the Skinny (SCCP) Channel driver. When an SCCP client\n closes its connection to the server, a pointer in a\n structure is set to NULL. If the client was not in the\n on-hook state at the time the connection was closed,\n this pointer is later dereferenced. This allows remote\n authenticated connections the ability to cause a crash\n in the server, denying services to legitimate users.\n\nThese issues and their resolution are described in the security\nadvisories.\n\nFor more information about the details of these vulnerabilities,\nplease read security advisories AST-2012-007 and AST-2012-008, which\nwere released at the same time as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLogs :\n\nhttp://downloads.asterisk.org/pub/telephony/certified-asterisk/release\ns/ChangeLog-1.8.11-cert2\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.12.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-10.4.1\n\nThe security advisories are available at :\n\n -\n http://downloads.asterisk.org/pub/security/AST-2012-007.\n pdf\n\n -\n http://downloads.asterisk.org/pub/security/AST-2012-00\n 8.pdf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "published": "2012-06-11T00:00:00", "title": "Fedora 17 : asterisk-10.4.2-1.fc17 (2012-8670)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2947"], "modified": "2012-06-11T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:17", "p-cpe:/a:fedoraproject:fedora:asterisk"], "id": "FEDORA_2012-8670.NASL", "href": "https://www.tenable.com/plugins/nessus/59434", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-8670.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59434);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-2947\");\n script_bugtraq_id(53722);\n script_xref(name:\"FEDORA\", value:\"2012-8670\");\n\n script_name(english:\"Fedora 17 : asterisk-10.4.2-1.fc17 (2012-8670)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"he Asterisk Development Team has announced the release of Asterisk\n10.4.2. This release is available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk\n\nThe release of Asterisk 10.4.2 resolves several issues reported by the\ncommunity and would have not been possible without your participation.\nThank you!\n\nThe following are the issues resolved in this release :\n\n - --- Resolve crash in subscribing for MWI notifications\n (Closes issue ASTERISK-19827. Reported by B. R)\n\n - --- Fix crash in ConfBridge when user announcement is\n played for more than 2 users (Closes issue\n ASTERISK-19899. Reported by Florian Gilcher)\n\nFor a full list of changes in this release, please see the ChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.4.2\n\nThe Asterisk Development Team has announced security releases for\nCertified Asterisk 1.8.11 and Asterisk 1.8 and 10. The available\nsecurity releases are released as versions 1.8.11-cert2, 1.8.12.1, and\n10.4.1.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe release of Asterisk 1.8.11-cert2, 1.8.12.1, and 10.4.1 resolve the\nfollowing two issues :\n\n - A remotely exploitable crash vulnerability exists in the\n IAX2 channel driver if an established call is placed on\n hold without a suggested music class. Asterisk will\n attempt to use an invalid pointer to the music on hold\n class name, potentially causing a crash.\n\n - A remotely exploitable crash vulnerability was found in\n the Skinny (SCCP) Channel driver. When an SCCP client\n closes its connection to the server, a pointer in a\n structure is set to NULL. If the client was not in the\n on-hook state at the time the connection was closed,\n this pointer is later dereferenced. This allows remote\n authenticated connections the ability to cause a crash\n in the server, denying services to legitimate users.\n\nThese issues and their resolution are described in the security\nadvisories.\n\nFor more information about the details of these vulnerabilities,\nplease read security advisories AST-2012-007 and AST-2012-008, which\nwere released at the same time as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLogs :\n\nhttp://downloads.asterisk.org/pub/telephony/certified-asterisk/release\ns/ChangeLog-1.8.11-cert2\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.12.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-10.4.1\n\nThe security advisories are available at :\n\n -\n http://downloads.asterisk.org/pub/security/AST-2012-007.\n pdf\n\n -\n http://downloads.asterisk.org/pub/security/AST-2012-00\n 8.pdf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2012-007.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2012-008.pdf\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.4.2\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/releases/\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.12.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?01547647\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.4.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0ef88683\"\n );\n # http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert2\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8f897510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=826474\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082077.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7abb49b6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected asterisk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"asterisk-10.4.2-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk\");\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-02-01T01:23:57", "description": "According to the version in its SIP banner, the version of Asterisk\nrunning on the remote host is potentially affected by a vulnerability\nthat could allow a remote attacker to crash the server. This issue\ncould be exploited when the attacker has a valid SCCP (Skinny) ID and\ncloses a connection when in certain call states. A NULL pointer is\nleft behind and can cause the server to crash when the pointer is\nlater dereferenced.", "edition": 25, "published": "2012-06-14T00:00:00", "title": "Asterisk Remote Crash Vulnerability in Skinny Channel Driver (AST-2012-008)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2948"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:digium:asterisk"], "id": "ASTERISK_AST_2012_008.NASL", "href": "https://www.tenable.com/plugins/nessus/59504", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59504);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2012-2948\");\n script_bugtraq_id(53723);\n\n script_name(english:\"Asterisk Remote Crash Vulnerability in Skinny Channel Driver (AST-2012-008)\");\n script_summary(english:\"Checks version in SIP banner\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A telephony application running on the remote host is affected by a\ndenial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version in its SIP banner, the version of Asterisk\nrunning on the remote host is potentially affected by a vulnerability\nthat could allow a remote attacker to crash the server. This issue\ncould be exploited when the attacker has a valid SCCP (Skinny) ID and\ncloses a connection when in certain call states. A NULL pointer is\nleft behind and can cause the server to crash when the pointer is\nlater dereferenced.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://issues.asterisk.org/jira/browse/ASTERISK-19905\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2012-008.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Asterisk 1.8.12.1 / 10.4.1 / 1.8.11-cert-2 or apply the\npatches listed in the Asterisk advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2948\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/14\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:digium:asterisk\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"asterisk_detection.nasl\");\n script_require_keys(\"asterisk/sip_detected\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"asterisk/sip_detected\");\n\n# see if we were able to get version info from the Asterisk SIP services\nasterisk_kbs = get_kb_list(\"sip/asterisk/*/version\");\nif (isnull(asterisk_kbs)) exit(1, \"Could not obtain any version information from the Asterisk SIP instance(s).\");\n\n# Prevent potential false positives.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nis_vuln = FALSE;\nnot_vuln_installs = make_list();\nerrors = make_list();\n\nforeach kb_name (keys(asterisk_kbs))\n{\n vulnerable = 0;\n\n matches = eregmatch(pattern:\"/(udp|tcp)/([0-9]+)/version\", string:kb_name);\n if (isnull(matches))\n {\n errors = make_list(errors, \"Unexpected error parsing port number from kb name: \"+kb_name);\n continue;\n }\n\n proto = matches[1];\n port = matches[2];\n version = asterisk_kbs[kb_name];\n\n if (version == 'unknown')\n {\n errors = make_list(errors, \"Unable to obtain version of install on \" + proto + \"/\" + port);\n continue;\n }\n\n banner = get_kb_item(\"sip/asterisk/\" + proto + \"/\" + port + \"/source\");\n if (!banner)\n {\n # We have version but banner is missing; log error\n # and use in version-check though.\n errors = make_list(errors, \"KB item 'sip/asterisk/\" + proto + \"/\" + port + \"/source' is missing\");\n banner = 'unknown';\n }\n\n if (version =~ \"^1\\.8([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"1.8.12.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n else if (version =~ \"^1\\.8\\.11-cert1([^0-9]|$)\")\n {\n fixed = \"1.8.11-cert2\";\n vulnerable = -1;\n }\n else if (version =~ \"^10([^0-9]|$)\")\n {\n fixed = \"10.4.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n if (vulnerable < 0)\n {\n is_vuln = TRUE;\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed + '\\n';\n security_warning(port:port, proto:proto, extra:report);\n }\n else security_warning(port:port, proto:proto);\n }\n else not_vuln_installs = make_list(not_vuln_installs, version + \" on port \" + proto + \"/\" + port);\n}\n\nif (max_index(errors))\n{\n if (max_index(errors) == 1) errmsg = errors[0];\n else errmsg = 'Errors were encountered verifying installs : \\n ' + join(errors, sep:'\\n ');\n\n exit(1, errmsg);\n}\nelse\n{\n installs = max_index(not_vuln_installs);\n if (installs == 0)\n {\n if (is_vuln)\n exit(0);\n else\n audit(AUDIT_NOT_INST, \"Asterisk\");\n }\n else if (installs == 1) audit(AUDIT_INST_VER_NOT_VULN, \"Asterisk \" + not_vuln_installs[0]);\n else exit(0, \"The Asterisk installs (\" + join(not_vuln_installs, sep:\", \") + \") are not affected.\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:49", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2948", "CVE-2012-2947"], "description": "\nAsterisk project reports:\n\nRemote crash vulnerability in IAX2 channel driver.\nSkinny Channel Driver Remote Crash Vulnerability\n\n", "edition": 4, "modified": "2012-05-29T00:00:00", "published": "2012-05-29T00:00:00", "id": "359F615D-A9E1-11E1-8A66-14DAE9EBCF89", "href": "https://vuxml.freebsd.org/freebsd/359f615d-a9e1-11e1-8a66-14dae9ebcf89.html", "title": "asterisk -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:47", "bulletinFamily": "software", "cvelist": ["CVE-2012-2948", "CVE-2012-2947"], "description": "DoS conditions on Skinny and IAX2 parsing.", "edition": 1, "modified": "2012-05-31T00:00:00", "published": "2012-05-31T00:00:00", "id": "SECURITYVULNS:VULN:12393", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12393", "title": "Asterisk security vulnerabilities", "type": "securityvulns", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:44", "bulletinFamily": "software", "cvelist": ["CVE-2012-2947"], "description": " Asterisk Project Security Advisory - AST-2012-007\r\n\r\n Product Asterisk \r\n Summary Remote crash vulnerability in IAX2 channel driver. \r\n Nature of Advisory Remote crash \r\n Susceptibility Established calls \r\n Severity Moderate \r\n Exploits Known No \r\n Reported On March 21, 2012 \r\n Reported By mgrobecker \r\n Posted On May 29, 2012 \r\n Last Updated On May 29, 2012 \r\n Advisory Contact Richard Mudgett < rmudgett AT digium DOT com > \r\n CVE Name CVE-2012-2947 \r\n\r\n Description A remotely exploitable crash vulnerability exists in the \r\n IAX2 channel driver if an established call is placed on \r\n hold without a suggested music class. For this to occur, \r\n the following must take place: \r\n \r\n 1. The setting mohinterpret=passthrough must be set on the \r\n end placing the call on hold. \r\n \r\n 2. A call must be established. \r\n \r\n 3. The call is placed on hold without a suggested \r\n music-on-hold class name. \r\n \r\n When these conditions are true, Asterisk will attempt to \r\n use an invalid pointer to a music-on-hold class name. Use \r\n of the invalid pointer will either cause a crash or the \r\n music-on-hold class name will be garbage. \r\n\r\n Resolution Asterisk now sets the extra data parameter to null if the \r\n received control frame does not have any extra data. \r\n\r\n Affected Versions\r\n Product Release Series \r\n Certified Asterisk 1.8.11-cert All versions \r\n Asterisk Open Source 1.8.x All versions \r\n Asterisk Open Source 10.x All versions \r\n\r\n Corrected In\r\n Product Release \r\n Certified Asterisk 1.8.11-cert2 \r\n Asterisk Open Source 1.8.12.1, 10.4.1 \r\n\r\n Patches \r\n SVN URL Revision \r\nhttp://downloads.asterisk.org/pub/security/AST-2012-007-1.8.11-cert.diff v1.8.11-cert \r\nhttp://downloads.asterisk.org/pub/security/AST-2012-007-1.8.diff v1.8 \r\nhttp://downloads.asterisk.org/pub/security/AST-2012-007-10.diff v10 \r\n\r\n Links https://issues.asterisk.org/jira/browse/ASTERISK-19597 \r\n\r\n Asterisk Project Security Advisories are posted at \r\n http://www.asterisk.org/security \r\n \r\n This document may be superseded by later versions; if so, the latest \r\n version will be posted at \r\n http://downloads.digium.com/pub/security/AST-2012-007.pdf and \r\n http://downloads.digium.com/pub/security/AST-2012-007.html \r\n\r\n Revision History\r\n Date Editor Revisions Made \r\n 05/29/2012 Richard Mudgett Initial release. \r\n\r\n Asterisk Project Security Advisory - AST-2012-007\r\n Copyright (c) 2012 Digium, Inc. All Rights Reserved.\r\n Permission is hereby granted to distribute and publish this advisory in its\r\n original, unaltered form.\r\n", "edition": 1, "modified": "2012-05-31T00:00:00", "published": "2012-05-31T00:00:00", "id": "SECURITYVULNS:DOC:28097", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28097", "title": "AST-2012-007: Remote crash vulnerability in IAX2 channel driver.", "type": "securityvulns", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:44", "bulletinFamily": "software", "cvelist": ["CVE-2012-2948"], "description": " Asterisk Project Security Advisory - AST-2012-008\r\n\r\n Product Asterisk \r\n Summary Skinny Channel Driver Remote Crash Vulnerability \r\n Nature of Advisory Denial of Service \r\n Susceptibility Remote authenticated sessions \r\n Severity Minor \r\n Exploits Known No \r\n Reported On May 22, 2012 \r\n Reported By Christoph Hebeisen \r\n Posted On May 29, 2012 \r\n Last Updated On May 29, 2012 \r\n Advisory Contact Matt Jordan < mjordan AT digium DOT com > \r\n CVE Name CVE-2012-2948 \r\n\r\n Description As reported by Telus Labs: \r\n \r\n "A Null-pointer dereference has been identified in the SCCP \r\n (Skinny) channel driver of Asterisk. When an SCCP client \r\n closes its connection to the server, a pointer in a \r\n structure is set to Null. If the client was not in the \r\n on-hook state at the time the connection was closed, this \r\n pointer is later dereferenced. \r\n \r\n A remote attacker with a valid SCCP ID can can use this \r\n vulnerability by closing a connection to the Asterisk \r\n server in certain call states (e.g. "Off hook") to crash \r\n the server. Successful exploitation of this vulnerability \r\n would result in termination of the server, causing denial \r\n of service to legitimate users." \r\n\r\n Resolution The pointer to the device in the structure is now checked \r\n before it is dereferenced in the channel event callbacks and \r\n message handling functions. \r\n\r\n Affected Versions\r\n Product Release Series \r\n Asterisk Open Source 1.8.x All Versions \r\n Asterisk Open Source 10.x All Versions \r\n Certified Asterisk 1.8.11-cert 1.8.11-cert1 \r\n\r\n Corrected In\r\n Product Release \r\n Asterisk Open Source 1.8.12.1, 10.4.1 \r\n Certified Asterisk 1.8.11-cert2 \r\n\r\n Patches \r\n SVN URL Revision \r\nhttp://downloads.asterisk.org/pub/security/AST-2012-008-1.8.diff v1.8 \r\nhttp://downloads.asterisk.org/pub/security/AST-2012-008-10.diff v10 \r\nhttp://downloads.asterisk.org/pub/security/AST-2012-008-1.8.11-cert.diff v1.8.11-cert \r\n\r\n Links https://issues.asterisk.org/jira/browse/ASTERISK-19905 \r\n\r\n Asterisk Project Security Advisories are posted at \r\n http://www.asterisk.org/security \r\n \r\n This document may be superseded by later versions; if so, the latest \r\n version will be posted at \r\n http://downloads.digium.com/pub/security/AST-2012-008.pdf and \r\n http://downloads.digium.com/pub/security/AST-2012-008.html \r\n\r\n Revision History\r\n Date Editor Revisions Made \r\n 05/25/2012 Matt Jordan Initial Release \r\n\r\n Asterisk Project Security Advisory - AST-2012-008\r\n Copyright (c) 2012 Digium, Inc. All Rights Reserved.\r\n Permission is hereby granted to distribute and publish this advisory in its\r\n original, unaltered form.\r\n", "edition": 1, "modified": "2012-05-31T00:00:00", "published": "2012-05-31T00:00:00", "id": "SECURITYVULNS:DOC:28098", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28098", "title": "AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability", "type": "securityvulns", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:13:12", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2948", "CVE-2011-2666", "CVE-2012-2947"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2493-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJune 12, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : asterisk\nVulnerability : denial of service\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-2947 CVE-2012-2948\nDebian Bug : 675204 675210\n\nSeveral vulnerabilities were discovered in Asterisk, a PBX and\ntelephony toolkit.\n\nCVE-2012-2947\n\tThe IAX2 channel driver allows remote attackers to cause a\n\tdenial of service (daemon crash) by placing a call on hold\n\t(when a certain mohinterpret setting is enabled).\n\nCVE-2012-2948\n\tThe Skinny channel driver allows remote authenticated users to\n\tcause a denial of service (NULL pointer dereference and daemon\n\tcrash) by closing a connection in off-hook mode.\n\nIn addition, it was discovered that Asterisk does not set the\nalwaysauthreject option by default in the SIP channel driver. This\nallows remote attackers to observe a difference in response behavior\nand check for the presence of account names. (CVE-2011-2666) System\nadministrators concerned by this user enumerating vulnerability should\nenable the alwaysauthreject option in the configuration. We do not\nplan to change the default setting in the stable version\n(Asterisk 1.6) in order to preserve backwards compatibility.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.6.2.9-2+squeeze6.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), this problem has been fixed in version 1:1.8.13.0~dfsg-1.\n\nWe recommend that you upgrade your asterisk packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 7, "modified": "2012-06-12T19:38:28", "published": "2012-06-12T19:38:28", "id": "DEBIAN:DSA-2493-1:09782", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00133.html", "title": "[SECURITY] [DSA 2493-1] asterisk security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:22", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2948", "CVE-2012-2416", "CVE-2012-2414", "CVE-2012-2415", "CVE-2012-2947"], "edition": 1, "description": "### Background\n\nAsterisk is an open source telephony engine and toolkit.\n\n### Description\n\nMultiple vulnerabilities have been found in Asterisk:\n\n * An error in manager.c allows shell access through the MixMonitor application, GetVar, or Status (CVE-2012-2414). \n * An error in chan_skinny.c could cause a heap-based buffer overflow (CVE-2012-2415). \n * An error in chan_sip.c prevents Asterisk from checking if a channel exists before connected line updates (CVE-2012-2416). \n * An error in chan_iax2.c may cause an invalid pointer to be called (CVE-2012-2947). \n * chan_skinny.c contains a NULL pointer dereference (CVE-2012-2948).\n\n### Impact\n\nA remote attacker could execute arbitrary code with the privileges of the process or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Asterisk users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/asterisk-1.8.12.1\"", "modified": "2012-06-21T00:00:00", "published": "2012-06-21T00:00:00", "id": "GLSA-201206-05", "href": "https://security.gentoo.org/glsa/201206-05", "type": "gentoo", "title": "Asterisk: Multiple vulnerabilities", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2947"], "description": "Asterisk is a complete PBX in software. It runs on Linux and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in three protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware. ", "modified": "2012-06-15T23:54:12", "published": "2012-06-15T23:54:12", "id": "FEDORA:45F4620E83", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: asterisk-1.8.12.2-1.fc15", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2947"], "description": "Asterisk is a complete PBX in software. It runs on Linux and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in three protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware. ", "modified": "2012-06-10T01:36:23", "published": "2012-06-10T01:36:23", "id": "FEDORA:992EE20B90", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: asterisk-10.4.2-1.fc17", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2947"], "description": "Asterisk is a complete PBX in software. It runs on Linux and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in three protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware. ", "modified": "2012-06-15T23:53:31", "published": "2012-06-15T23:53:31", "id": "FEDORA:F29232134D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: asterisk-1.8.12.2-1.fc16", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:N/I:N/A:P"}}]}
