Digium Asterisk Manager User Shell Command Execution - Ver2 (CVE-2012-2414)

A security bypass vulnerability has been reported in Digium Asterisk. The vulnerability is due to an error in the way the server validates permissions while executing shell commands from unauthorized users. A remote attacker can exploit this issue by sending specially crafted AMI requests to the...

Digium Asterisk Manager User Shell Command Execution (CVE-2012-2414)

A security bypass vulnerability has been reported in Digium Asterisk...

Fedora Update for asterisk FEDORA-2012-6704

Check for the Version of asterisk OpenVAS Vulnerability Test Fedora Update for asterisk FEDORA-2012-6704 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for asterisk FEDORA-2012-6704

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Gentoo Security Advisory GLSA 201206-05 (Asterisk)

The remote host is missing updates announced in advisory GLSA 201206-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Fedora Update for asterisk FEDORA-2012-6612

Check for the Version of asterisk OpenVAS Vulnerability Test Fedora Update for asterisk FEDORA-2012-6612 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVE-2012-2414

main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to...

CVE-2012-2414

main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to...

CVE-2012-2414

CVE-2012-2414 affects Asterisk Open Source: 1.6.2.x prior to 1.6.2.24, 1.8.x prior to 1.8.11.1, and 10.x prior to 10.3.1. The issue is that main/manager.c in the Manager Interface does not properly enforce System class authorization, enabling remote authenticated users to execute commands via (1)...

FreeBSD Ports: asterisk16

The remote host is missing an update to the system as announced in the referenced advisory. VID 1c5abbe2-8d7f-11e1-a374-14dae9ebcf89 OpenVAS Vulnerability Test $ Description: Auto generated from VID 1c5abbe2-8d7f-11e1-a374-14dae9ebcf89 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

DSA-2460-1 asterisk - several

Bulletin has no description...