2 matches found
openSUSE 10 Security Update : asterisk (asterisk-3543)
This update fixes multiple bugs that allowed attackers to remotely crash asterisk or cause an information leak CVE-2007-1561, CVE-2007-1594, CVE-2007-1595, CVE-2007-2297, CVE-2007-2488. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...
CVE-2007-1595
The CVE-2007-1595 entry concerns the Asterisk Extension Language (AEL) in pbx/pbx_ael.c, where extensions are not properly generated. The flaw allows remote attackers to cause execution of arbitrary extensions by supplying an invalid extension in a specific form, with an unknown overall impact as...