14 matches found
EUVD-2014-3977
Malware in sbrugna...
EUVD-2012-2401
Malware in sbrugna...
Updated asterisk packages fix security vulnerabilities
Updated asterisk packages fix security vulnerabilities: Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action CVE-2014-4046. Asterisk Open...
CVE-2014-4046
Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action...
CVE-2014-4046
Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action...
DEBIAN-CVE-2014-4046
Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action...
Deserialization of untrusted data
Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action...
CVE-2014-4046
Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action...
CVE-2014-4046
Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action...
CVE-2014-4046
CVE-2014-4046 affects Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1, plus Certified Asterisk 11.6 before 11.6-cert3, allowing remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action. Public advisories (Debian DLA-455-1, Mageia MGASA-2014-03...
Asterisk Manager Interface MixMonitor Privilege Escalation (AST-2014-006)
According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a privilege escalation vulnerability. A flaw exists in the Asterisk Manager Interface AMI which allows manager users to execute arbitrary shell commands subject to the...
AST-2014-006: Asterisk Manager User Unauthorized Shell Access
Asterisk Project Security Advisory - AST-2014-006 Product Asterisk Summary Asterisk Manager User Unauthorized Shell Access Nature of Advisory Permission Escalation Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known No Reported On April 9, 2014 Reported By Corey Farrell...
CVE-2012-2414
main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to...
DEBIAN-CVE-2012-2414
main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to...