{"cve": [{"lastseen": "2019-05-29T18:11:10", "bulletinFamily": "NVD", "description": "Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 do not restrict the number of unauthenticated sessions to certain interfaces, which allows remote attackers to cause a denial of service (file descriptor exhaustion and disk space exhaustion) via a series of TCP connections.", "modified": "2011-09-07T03:16:00", "id": "CVE-2011-1507", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1507", "published": "2011-04-27T00:55:00", "title": "CVE-2011-1507", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2019-11-01T02:37:27", "bulletinFamily": "scanner", "description": "The Asterisk Development Team reports :\n\nIt is possible for a user of the Asterisk Manager Interface to bypass\na security check and execute shell commands when they should not have\nthat ability. Sending the ", "modified": "2019-11-02T00:00:00", "id": "FREEBSD_PKG_3C7D565A6C6411E0813A6C626DD55A41.NASL", "href": "https://www.tenable.com/plugins/nessus/53523", "published": "2011-04-22T00:00:00", "title": "FreeBSD : Asterisk -- multiple vulnerabilities (3c7d565a-6c64-11e0-813a-6c626dd55a41)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53523);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/08/02 13:32:40\");\n\n script_cve_id(\"CVE-2011-1507\");\n\n script_name(english:\"FreeBSD : Asterisk -- multiple vulnerabilities (3c7d565a-6c64-11e0-813a-6c626dd55a41)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Asterisk Development Team reports :\n\nIt is possible for a user of the Asterisk Manager Interface to bypass\na security check and execute shell commands when they should not have\nthat ability. Sending the 'Async' header with the 'Application' header\nduring an Originate action, allows authenticated manager users to\nexecute shell commands. Only users with the 'system' privilege should\nbe able to do this.\n\nOn systems that have the Asterisk Manager Interface, Skinny, SIP over\nTCP, or the built in HTTP server enabled, it is possible for an\nattacker to open as many connections to asterisk as he wishes. This\nwill cause Asterisk to run out of available file descriptors and stop\nprocessing any new calls. Additionally, disk space can be exhausted as\nAsterisk logs failures to open new file descriptors.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2011-005.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2011-006.pdf\"\n );\n # https://vuxml.freebsd.org/freebsd/3c7d565a-6c64-11e0-813a-6c626dd55a41.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?46cc4f77\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:asterisk14\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:asterisk16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:asterisk18\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"asterisk14>1.4.*<1.4.40.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"asterisk16>1.6.*<1.6.2.17.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"asterisk18>1.8.*<1.8.3.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-11-01T02:26:54", "bulletinFamily": "scanner", "description": "The Asterisk Development Team has announced the release of Asterisk\n1.6.2.18. This release is available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/\n\nThe release of Asterisk 1.6.2.18 resolves several issues reported by\nthe community and would have not been possible without your\nparticipation. Thank you!\n\nThe following is a sample of the issues resolved in this release :\n\n - Only offer codecs both sides support for directmedia.\n (Closes issue #17403. Reported, patched by one47)\n\n - Resolution of several DTMF based attended transfer\n issues. (Closes issue #17999, #17096, #18395, #17273.\n Reported by iskatel, gelo, shihchuan, grecco. Patched by\n rmudgett) NOTE: Be sure to read the ChangeLog for more\n information about these changes.\n\n - Resolve deadlocks related to device states in chan_sip\n (Closes issue #18310. Reported, patched by one47.\n Patched by jpeeler)\n\n - Fix channel redirect out of MeetMe() and other issues\n with channel softhangup (Closes issue #18585. Reported\n by oej. Tested by oej, wedhorn, russellb. Patched by\n russellb)\n\n - Fix voicemail sequencing for file based storage. (Closes\n issue #18498, #18486. Reported by JJCinAZ, bluefox.\n Patched by jpeeler)\n\n - Guard against retransmitting BYEs indefinitely during\n attended transfers with chan_sip. (Review:\n https://reviewboard.asterisk.org/r/1077/)\n\nIn addition to the changes listed above, commits to resolve security\nissues AST-2011-005 and AST-2011-006 have been merged into this\nrelease. More information about AST-2011-005 and AST-2011-006 can be\nfound at :\n\nhttp://downloads.asterisk.org/pub/security/AST-2011-005.pdf\nhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf\n\nFor a full list of changes in this release, please see the ChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.1\n8 The Asterisk Development Team has announced security releases for\nAsterisk branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security\nreleases are released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and\n1.8.3.3.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3\nresolve two issues :\n\n - File Descriptor Resource Exhaustion (AST-2011-005)\n\n - Asterisk Manager User Shell Access (AST-2011-006)\n\nThe issues and resolutions are described in the AST-2011-005 and\nAST-2011-006 security advisories.\n\nFor more information about the details of these vulnerabilities,\nplease read the security advisories AST-2011-005 and AST-2011-006,\nwhich were released at the same time as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.4.40.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.6.1.25\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.6.2.17.3\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.3.3\n\nSecurity advisory AST-2011-005 and AST-2011-006 are available at :\n\nhttp://downloads.asterisk.org/pub/security/AST-2011-005.pdf\nhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2011-6208.NASL", "href": "https://www.tenable.com/plugins/nessus/53835", "published": "2011-05-09T00:00:00", "title": "Fedora 13 : asterisk-1.6.2.18-1.fc13 (2011-6208)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-6208.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53835);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/08/02 13:32:35\");\n\n script_cve_id(\"CVE-2011-1507\", \"CVE-2011-1599\");\n script_bugtraq_id(47537);\n script_xref(name:\"FEDORA\", value:\"2011-6208\");\n\n script_name(english:\"Fedora 13 : asterisk-1.6.2.18-1.fc13 (2011-6208)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Asterisk Development Team has announced the release of Asterisk\n1.6.2.18. This release is available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/\n\nThe release of Asterisk 1.6.2.18 resolves several issues reported by\nthe community and would have not been possible without your\nparticipation. Thank you!\n\nThe following is a sample of the issues resolved in this release :\n\n - Only offer codecs both sides support for directmedia.\n (Closes issue #17403. Reported, patched by one47)\n\n - Resolution of several DTMF based attended transfer\n issues. (Closes issue #17999, #17096, #18395, #17273.\n Reported by iskatel, gelo, shihchuan, grecco. Patched by\n rmudgett) NOTE: Be sure to read the ChangeLog for more\n information about these changes.\n\n - Resolve deadlocks related to device states in chan_sip\n (Closes issue #18310. Reported, patched by one47.\n Patched by jpeeler)\n\n - Fix channel redirect out of MeetMe() and other issues\n with channel softhangup (Closes issue #18585. Reported\n by oej. Tested by oej, wedhorn, russellb. Patched by\n russellb)\n\n - Fix voicemail sequencing for file based storage. (Closes\n issue #18498, #18486. Reported by JJCinAZ, bluefox.\n Patched by jpeeler)\n\n - Guard against retransmitting BYEs indefinitely during\n attended transfers with chan_sip. (Review:\n https://reviewboard.asterisk.org/r/1077/)\n\nIn addition to the changes listed above, commits to resolve security\nissues AST-2011-005 and AST-2011-006 have been merged into this\nrelease. More information about AST-2011-005 and AST-2011-006 can be\nfound at :\n\nhttp://downloads.asterisk.org/pub/security/AST-2011-005.pdf\nhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf\n\nFor a full list of changes in this release, please see the ChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.1\n8 The Asterisk Development Team has announced security releases for\nAsterisk branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security\nreleases are released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and\n1.8.3.3.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3\nresolve two issues :\n\n - File Descriptor Resource Exhaustion (AST-2011-005)\n\n - Asterisk Manager User Shell Access (AST-2011-006)\n\nThe issues and resolutions are described in the AST-2011-005 and\nAST-2011-006 security advisories.\n\nFor more information about the details of these vulnerabilities,\nplease read the security advisories AST-2011-005 and AST-2011-006,\nwhich were released at the same time as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.4.40.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.6.1.25\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.6.2.17.3\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.3.3\n\nSecurity advisory AST-2011-005 and AST-2011-006 are available at :\n\nhttp://downloads.asterisk.org/pub/security/AST-2011-005.pdf\nhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2011-005.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2011-006.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.18\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b2e393f\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/releases/\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.40.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cb56878c\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.25\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3157653f\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d7b1180e\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.3\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?58e47bf4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=698916\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=698917\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-May/059702.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7c5ad20e\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://reviewboard.asterisk.org/r/1077/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected asterisk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/04/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"asterisk-1.6.2.18-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:26:54", "bulletinFamily": "scanner", "description": "The Asterisk Development Team has announced the release of Asterisk\n1.6.2.18. This release is available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/\n\nThe release of Asterisk 1.6.2.18 resolves several issues reported by\nthe community and would have not been possible without your\nparticipation. Thank you!\n\nThe following is a sample of the issues resolved in this release :\n\n - Only offer codecs both sides support for directmedia.\n (Closes issue #17403. Reported, patched by one47)\n\n - Resolution of several DTMF based attended transfer\n issues. (Closes issue #17999, #17096, #18395, #17273.\n Reported by iskatel, gelo, shihchuan, grecco. Patched by\n rmudgett) NOTE: Be sure to read the ChangeLog for more\n information about these changes.\n\n - Resolve deadlocks related to device states in chan_sip\n (Closes issue #18310. Reported, patched by one47.\n Patched by jpeeler)\n\n - Fix channel redirect out of MeetMe() and other issues\n with channel softhangup (Closes issue #18585. Reported\n by oej. Tested by oej, wedhorn, russellb. Patched by\n russellb)\n\n - Fix voicemail sequencing for file based storage. (Closes\n issue #18498, #18486. Reported by JJCinAZ, bluefox.\n Patched by jpeeler)\n\n - Guard against retransmitting BYEs indefinitely during\n attended transfers with chan_sip. (Review:\n https://reviewboard.asterisk.org/r/1077/)\n\nIn addition to the changes listed above, commits to resolve security\nissues AST-2011-005 and AST-2011-006 have been merged into this\nrelease. More information about AST-2011-005 and AST-2011-006 can be\nfound at :\n\nhttp://downloads.asterisk.org/pub/security/AST-2011-005.pdf\nhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf\n\nFor a full list of changes in this release, please see the ChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.1\n8\n\nThe Asterisk Development Team has announced security releases for\nAsterisk branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security\nreleases are released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and\n1.8.3.3.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3\nresolve two issues :\n\n - File Descriptor Resource Exhaustion (AST-2011-005)\n\n - Asterisk Manager User Shell Access (AST-2011-006)\n\nThe issues and resolutions are described in the AST-2011-005 and\nAST-2011-006 security advisories.\n\nFor more information about the details of these vulnerabilities,\nplease read the security advisories AST-2011-005 and AST-2011-006,\nwhich were released at the same time as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.4.40.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.6.1.25\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.6.2.17.3\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.3.3\n\nSecurity advisory AST-2011-005 and AST-2011-006 are available at :\n\nhttp://downloads.asterisk.org/pub/security/AST-2011-005.pdf\nhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2011-6225.NASL", "href": "https://www.tenable.com/plugins/nessus/54286", "published": "2011-05-17T00:00:00", "title": "Fedora 14 : asterisk-1.6.2.18-1.fc14 (2011-6225)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-6225.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(54286);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/08/02 13:32:35\");\n\n script_cve_id(\"CVE-2011-1507\", \"CVE-2011-1599\");\n script_bugtraq_id(47537);\n script_xref(name:\"FEDORA\", value:\"2011-6225\");\n\n script_name(english:\"Fedora 14 : asterisk-1.6.2.18-1.fc14 (2011-6225)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Asterisk Development Team has announced the release of Asterisk\n1.6.2.18. This release is available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/\n\nThe release of Asterisk 1.6.2.18 resolves several issues reported by\nthe community and would have not been possible without your\nparticipation. Thank you!\n\nThe following is a sample of the issues resolved in this release :\n\n - Only offer codecs both sides support for directmedia.\n (Closes issue #17403. Reported, patched by one47)\n\n - Resolution of several DTMF based attended transfer\n issues. (Closes issue #17999, #17096, #18395, #17273.\n Reported by iskatel, gelo, shihchuan, grecco. Patched by\n rmudgett) NOTE: Be sure to read the ChangeLog for more\n information about these changes.\n\n - Resolve deadlocks related to device states in chan_sip\n (Closes issue #18310. Reported, patched by one47.\n Patched by jpeeler)\n\n - Fix channel redirect out of MeetMe() and other issues\n with channel softhangup (Closes issue #18585. Reported\n by oej. Tested by oej, wedhorn, russellb. Patched by\n russellb)\n\n - Fix voicemail sequencing for file based storage. (Closes\n issue #18498, #18486. Reported by JJCinAZ, bluefox.\n Patched by jpeeler)\n\n - Guard against retransmitting BYEs indefinitely during\n attended transfers with chan_sip. (Review:\n https://reviewboard.asterisk.org/r/1077/)\n\nIn addition to the changes listed above, commits to resolve security\nissues AST-2011-005 and AST-2011-006 have been merged into this\nrelease. More information about AST-2011-005 and AST-2011-006 can be\nfound at :\n\nhttp://downloads.asterisk.org/pub/security/AST-2011-005.pdf\nhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf\n\nFor a full list of changes in this release, please see the ChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.1\n8\n\nThe Asterisk Development Team has announced security releases for\nAsterisk branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security\nreleases are released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and\n1.8.3.3.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3\nresolve two issues :\n\n - File Descriptor Resource Exhaustion (AST-2011-005)\n\n - Asterisk Manager User Shell Access (AST-2011-006)\n\nThe issues and resolutions are described in the AST-2011-005 and\nAST-2011-006 security advisories.\n\nFor more information about the details of these vulnerabilities,\nplease read the security advisories AST-2011-005 and AST-2011-006,\nwhich were released at the same time as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.4.40.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.6.1.25\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.6.2.17.3\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.3.3\n\nSecurity advisory AST-2011-005 and AST-2011-006 are available at :\n\nhttp://downloads.asterisk.org/pub/security/AST-2011-005.pdf\nhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2011-005.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2011-006.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-1.6.2.18\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b2e393f\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/releases/\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.40.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cb56878c\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.25\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3157653f\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d7b1180e\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.3\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?58e47bf4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=698916\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=698917\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-May/060200.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c3b7ac52\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://reviewboard.asterisk.org/r/1077/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected asterisk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/04/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"asterisk-1.6.2.18-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:14:59", "bulletinFamily": "scanner", "description": "According to the version in its SIP banner, the version of Asterisk\nrunning on the remote host may be affected by multiple denial of\nservice vulnerabilities :\n\n - On systems that have the Asterisk Manager interface,\n Skinny, SIP over TCP, or the built-in HTTP server\n enabled, it is possible for an attacker to open an\n unlimited number of connections to Asterisk, which would\n cause Asterisk to run out of available file descriptors\n and stop processing any new calls. (AST-2011-005)\n\n - It is possible to bypass a security check and execute\n shell commands when they should not have that ability.\n Note that only users with the ", "modified": "2019-11-02T00:00:00", "id": "ASTERISK_AST_2011_006.NASL", "href": "https://www.tenable.com/plugins/nessus/53544", "published": "2011-04-25T00:00:00", "title": "Asterisk Multiple Vulnerabilities (AST-2011-005 / AST-2011-006)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53544);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/06/27 18:42:25\");\n\n script_cve_id(\"CVE-2011-1507\", \"CVE-2011-1599\");\n script_bugtraq_id(47537);\n script_xref(name:\"Secunia\", value:\"44197\");\n\n script_name(english:\"Asterisk Multiple Vulnerabilities (AST-2011-005 / AST-2011-006)\");\n script_summary(english:\"Checks version in SIP banner\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A telephony application running on the remote host is affected by\nmultiple denial of service vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version in its SIP banner, the version of Asterisk\nrunning on the remote host may be affected by multiple denial of\nservice vulnerabilities :\n\n - On systems that have the Asterisk Manager interface,\n Skinny, SIP over TCP, or the built-in HTTP server\n enabled, it is possible for an attacker to open an\n unlimited number of connections to Asterisk, which would\n cause Asterisk to run out of available file descriptors\n and stop processing any new calls. (AST-2011-005)\n\n - It is possible to bypass a security check and execute\n shell commands when they should not have that ability.\n Note that only users with the 'system' privilege should\n be able to do this. (AST-2011-006)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2011-005.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2011-006.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Asterisk 1.4.40.1 / 1.6.1.25 / 1.6.2.17.3 / 1.8.3.3 /\nBusiness Edition C.3.6.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:digium:asterisk\");\n\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Denial of Service\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"asterisk_detection.nasl\");\n script_require_keys(\"asterisk/sip_detected\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"asterisk/sip_detected\");\n\n# see if we were able to get version info from the Asterisk SIP services\nasterisk_kbs = get_kb_list(\"sip/asterisk/*/version\");\nif (isnull(asterisk_kbs)) exit(1, \"Could not obtain any version information from the Asterisk SIP instance(s).\");\n\n# Prevent potential false positives.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nis_vuln = FALSE;\nnot_vuln_installs = make_list();\nerrors = make_list();\n\nforeach kb_name (keys(asterisk_kbs))\n{\n vulnerable = 0;\n\n matches = eregmatch(pattern:\"/(udp|tcp)/([0-9]+)/version\", string:kb_name);\n if (isnull(matches))\n {\n errors = make_list(errors, \"Unexpected error parsing port number from kb name: \"+kb_name);\n continue;\n }\n\n proto = matches[1];\n port = matches[2];\n version = asterisk_kbs[kb_name];\n\n if (version == 'unknown')\n {\n errors = make_list(errors, \"Unable to obtain version of install on \" + proto + \"/\" + port);\n continue;\n }\n\n banner = get_kb_item(\"sip/asterisk/\" + proto + \"/\" + port + \"/source\");\n if (!banner)\n {\n # We have version but banner is missing; log error\n # and use in version-check though.\n errors = make_list(errors, \"KB item 'sip/asterisk/\" + proto + \"/\" + port + \"/source' is missing\");\n banner = 'unknown';\n }\n\n if (version =~ '^1\\\\.4([^0-9]|$)')\n {\n fixed = '1.4.40.1';\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n else if (version =~ '^1\\\\.6([^0-9]|$)')\n {\n if (version =~ '^1\\\\.6\\\\.1([^0-9]|$)')\n {\n fixed = \"1.6.1.25\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n else if (version =~ '^1\\\\.6\\\\.2([^0-9]|$)')\n {\n fixed = \"1.6.2.17.3\";\n if (version =~ '^1\\\\.6\\\\.2\\\\.17([^0-9]|$)')\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n else\n vulnerable = ver_compare(ver:version, fix:\"1.6.2.17\", app:\"asterisk\");\n }\n }\n else if (version =~ '^1\\\\.8([^0-9]|$)')\n {\n fixed = \"1.8.3.3\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n else if (version =~ '^[A-Z]')\n {\n fixed = 'C.3.6.4';\n if (version[0] <= 'B')\n {\n vulnerable = -1;\n }\n else if (version[0] > 'C')\n {\n vulnerable = 1;\n }\n else\n {\n tmp_fixed = substr(fixed, 2);\n tmp_version = substr(version, 2);\n vulnerable = ver_compare(ver:tmp_version, fix:tmp_fixed, app:\"asterisk\");\n }\n }\n\n if (vulnerable < 0)\n {\n is_vuln = TRUE;\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed + '\\n';\n security_warning(port:port, proto:proto, extra:report);\n }\n else security_warning(port:port, proto:proto);\n }\n else not_vuln_installs = make_list(not_vuln_installs, version + \" on port \" + proto + \"/\" + port);\n}\n\nif (max_index(errors))\n{\n if (max_index(errors) == 1) errmsg = errors[0];\n else errmsg = 'Errors were encountered verifying installs : \\n ' + join(errors, sep:'\\n ');\n\n exit(1, errmsg);\n}\nelse\n{\n installs = max_index(not_vuln_installs);\n if (installs == 0)\n {\n if (is_vuln)\n exit(0);\n else\n audit(AUDIT_NOT_INST, \"Asterisk\");\n }\n else if (installs == 1) audit(AUDIT_INST_VER_NOT_VULN, \"Asterisk \" + not_vuln_installs[0]);\n else exit(0, \"The Asterisk installs (\" + join(not_vuln_installs, sep:\", \") + \") are not affected.\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:26:54", "bulletinFamily": "scanner", "description": "The Asterisk Development Team has announced security releases for\nAsterisk branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security\nreleases are released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and\n1.8.3.3.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3\nresolve two issues :\n\n - File Descriptor Resource Exhaustion (AST-2011-005)\n\n - Asterisk Manager User Shell Access (AST-2011-006)\n\nThe issues and resolutions are described in the AST-2011-005 and\nAST-2011-006 security advisories.\n\nFor more information about the details of these vulnerabilities,\nplease read the security advisories AST-2011-005 and AST-2011-006,\nwhich were released at the same time as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.4.40.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.6.1.25\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.6.2.17.3\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.3.3\n\nSecurity advisory AST-2011-005 and AST-2011-006 are available at :\n\nhttp://downloads.asterisk.org/pub/security/AST-2011-005.pdf\nhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2011-5835.NASL", "href": "https://www.tenable.com/plugins/nessus/53566", "published": "2011-04-27T00:00:00", "title": "Fedora 15 : asterisk-1.8.3.3-1.fc15 (2011-5835)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-5835.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53566);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/08/02 13:32:35\");\n\n script_cve_id(\"CVE-2011-1507\", \"CVE-2011-1599\");\n script_bugtraq_id(47537);\n script_xref(name:\"FEDORA\", value:\"2011-5835\");\n\n script_name(english:\"Fedora 15 : asterisk-1.8.3.3-1.fc15 (2011-5835)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Asterisk Development Team has announced security releases for\nAsterisk branches 1.4, 1.6.1, 1.6.2, and 1.8. The available security\nreleases are released as versions 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and\n1.8.3.3.\n\nThese releases are available for immediate download at\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases\n\nThe releases of Asterisk 1.4.40.1, 1.6.1.25, 1.6.2.17.3, and 1.8.3.3\nresolve two issues :\n\n - File Descriptor Resource Exhaustion (AST-2011-005)\n\n - Asterisk Manager User Shell Access (AST-2011-006)\n\nThe issues and resolutions are described in the AST-2011-005 and\nAST-2011-006 security advisories.\n\nFor more information about the details of these vulnerabilities,\nplease read the security advisories AST-2011-005 and AST-2011-006,\nwhich were released at the same time as this announcement.\n\nFor a full list of changes in the current releases, please see the\nChangeLog :\n\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.4.40.1\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.6.1.25\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.6.2.17.3\nhttp://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLo\ng-1.8.3.3\n\nSecurity advisory AST-2011-005 and AST-2011-006 are available at :\n\nhttp://downloads.asterisk.org/pub/security/AST-2011-005.pdf\nhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2011-005.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2011-006.pdf\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/telephony/asterisk/releases/\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.4.40.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cb56878c\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.1.25\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3157653f\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.6.2.17.3\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d7b1180e\"\n );\n # http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.3.3\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?58e47bf4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=698916\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=698917\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-April/058922.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2aa6caf8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected asterisk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"asterisk-1.8.3.3-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"asterisk\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:21:08", "bulletinFamily": "scanner", "description": "Several vulnerabilities have been discovered in Asterisk, an Open\nSource PBX and telephony toolkit.\n\n - CVE-2011-1147\n Matthew Nicholson discovered that incorrect handling of\n UDPTL packets may lead to denial of service or the\n execution of arbitrary code.\n\n - CVE-2011-1174\n Blake Cornell discovered that incorrect connection\n handling in the manager interface may lead to denial of\n service.\n\n - CVE-2011-1175\n Blake Cornell and Chris May discovered that incorrect\n TCP connection handling may lead to denial of service.\n\n - CVE-2011-1507\n Tzafrir Cohen discovered that insufficient limitation of\n connection requests in several TCP based services may\n lead to denial of service. Please see AST-2011-005 for\n details.\n\n - CVE-2011-1599\n Matthew Nicholson discovered a privilege escalation\n vulnerability in the manager interface.", "modified": "2019-11-02T00:00:00", "id": "DEBIAN_DSA-2225.NASL", "href": "https://www.tenable.com/plugins/nessus/53558", "published": "2011-04-27T00:00:00", "title": "Debian DSA-2225-1 : asterisk - several vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2225. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53558);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2011-1147\", \"CVE-2011-1174\", \"CVE-2011-1175\", \"CVE-2011-1507\", \"CVE-2011-1599\");\n script_bugtraq_id(46474, 46897, 46898, 47537);\n script_xref(name:\"DSA\", value:\"2225\");\n\n script_name(english:\"Debian DSA-2225-1 : asterisk - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in Asterisk, an Open\nSource PBX and telephony toolkit.\n\n - CVE-2011-1147\n Matthew Nicholson discovered that incorrect handling of\n UDPTL packets may lead to denial of service or the\n execution of arbitrary code.\n\n - CVE-2011-1174\n Blake Cornell discovered that incorrect connection\n handling in the manager interface may lead to denial of\n service.\n\n - CVE-2011-1175\n Blake Cornell and Chris May discovered that incorrect\n TCP connection handling may lead to denial of service.\n\n - CVE-2011-1507\n Tzafrir Cohen discovered that insufficient limitation of\n connection requests in several TCP based services may\n lead to denial of service. Please see AST-2011-005 for\n details.\n\n - CVE-2011-1599\n Matthew Nicholson discovered a privilege escalation\n vulnerability in the manager interface.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-1147\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-1174\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-1175\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-1507\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://downloads.asterisk.org/pub/security/AST-2011-005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-1599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/asterisk\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2225\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the asterisk packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:1.4.21.2~dfsg-3+lenny2.1.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.6.2.9-2+squeeze2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"asterisk\", reference:\"1:1.4.21.2~dfsg-3+lenny2.1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk\", reference:\"1:1.6.2.9-2+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk-config\", reference:\"1:1.6.2.9-2+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk-dbg\", reference:\"1:1.6.2.9-2+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk-dev\", reference:\"1:1.6.2.9-2+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk-doc\", reference:\"1:1.6.2.9-2+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk-h323\", reference:\"1:1.6.2.9-2+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"asterisk-sounds-main\", reference:\"1:1.6.2.9-2+squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:40:22", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201110-21\n(Asterisk: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Asterisk. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n An unauthenticated remote attacker may execute code with the privileges\n of the Asterisk process or cause a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.", "modified": "2019-11-02T00:00:00", "id": "GENTOO_GLSA-201110-21.NASL", "href": "https://www.tenable.com/plugins/nessus/56625", "published": "2011-10-25T00:00:00", "title": "GLSA-201110-21 : Asterisk: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201110-21.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56625);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/07/11 17:09:26\");\n\n script_cve_id(\"CVE-2011-1147\", \"CVE-2011-1174\", \"CVE-2011-1175\", \"CVE-2011-1507\", \"CVE-2011-1599\", \"CVE-2011-2529\", \"CVE-2011-2535\", \"CVE-2011-2536\", \"CVE-2011-2665\", \"CVE-2011-2666\", \"CVE-2011-4063\");\n script_bugtraq_id(46474, 46897, 46898, 47537, 48431, 48485, 50177);\n script_xref(name:\"GLSA\", value:\"201110-21\");\n\n script_name(english:\"GLSA-201110-21 : Asterisk: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201110-21\n(Asterisk: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Asterisk. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n An unauthenticated remote attacker may execute code with the privileges\n of the Asterisk process or cause a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201110-21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All asterisk 1.6.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.6.2.18.2'\n All asterisk 1.8.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.8.7.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:asterisk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/asterisk\", unaffected:make_list(\"ge 1.8.7.1\", \"rge 1.6.2.18.2\"), vulnerable:make_list(\"lt 1.8.7.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Asterisk\");\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "description": " Asterisk Project Security Advisory - AST-2011-005\r\n\r\n Product Asterisk \r\n Summary File Descriptor Resource Exhaustion \r\n Nature of Advisory Denial of Service \r\n Susceptibility Remote Unauthenticated TCP Based Sessions (TCP SIP, \r\n Skinny, Asterisk Manager Interface, and HTTP sessions) \r\n Severity Moderate \r\n Exploits Known Yes \r\n Reported On March 18, 2011 \r\n Reported By Tzafrir Cohen < tzafrir.cohen AT xorcom DOT com > \r\n Posted On April 21, 2011 \r\n Last Updated On April 21, 2011 \r\n Advisory Contact Matthew Nicholson <mnicholson@digium.com> \r\n CVE Name CVE-2011-1507 \r\n\r\n Description On systems that have the Asterisk Manager Interface, Skinny, \r\n SIP over TCP, or the built in HTTP server enabled, it is \r\n possible for an attacker to open as many connections to \r\n asterisk as he wishes. This will cause Asterisk to run out of \r\n available file descriptors and stop processing any new calls. \r\n Additionally, disk space can be exhausted as Asterisk logs \r\n failures to open new file descriptors. \r\n\r\n Resolution Asterisk can now limit the number of unauthenticated \r\n connections to each vulnerable interface and can also limit the \r\n time unauthenticated clients will remain connected for some \r\n interfaces. This will prevent vulnerable interfaces from using \r\n up all available file descriptors. Care should be taken when \r\n setting the connection limits so that the combined total of \r\n allowed unauthenticated sessions from each service is not more \r\n than the file descriptor limit for the Asterisk process. The \r\n file descriptor limit can be checked (and set) using the \r\n "ulimit -n" command for the process' limit and the \r\n "/proc/sys/fs/file-max" file (on Linux) for the system's limit. \r\n \r\n It will still be possible for an attacker to deny service to \r\n each of the vulnerable services individually. To mitigate this \r\n risk, vulnerable services should be run behind a firewall that \r\n can detect and prevent DoS attacks. \r\n \r\n In addition to using a firewall to filter traffic, vulnerable \r\n systems can be protected by disabling the vulnerable services \r\n in their respective configuration files. \r\n\r\n Affected Versions\r\n Product Release Series \r\n Asterisk Open Source 1.4.x All versions \r\n Asterisk Open Source 1.6.1.x All versions \r\n Asterisk Open Source 1.6.2.x All versions \r\n Asterisk Open Source 1.8.x All versions \r\n Asterisk Business Edition C.x.x All versions \r\n\r\n Corrected In\r\n Product Release \r\n Asterisk Open Source 1.4.40.1, 1.6.1.25, 1.6.2.17.3, 1.8.3.3 \r\n Asterisk Business Edition C.3.6.4 \r\n\r\n Patches \r\n URL Branch \r\n http://downloads.asterisk.org/pub/security/AST-2011-005-1.4.diff 1.4 \r\n http://downloads.asterisk.org/pub/security/AST-2011-005-1.6.1.diff 1.6.1 \r\n http://downloads.asterisk.org/pub/security/AST-2011-005-1.6.2.diff 1.6.2 \r\n http://downloads.asterisk.org/pub/security/AST-2011-005-1.8.diff 1.8 \r\n\r\n Asterisk Project Security Advisories are posted at \r\n http://www.asterisk.org/security \r\n \r\n This document may be superseded by later versions; if so, the latest \r\n version will be posted at \r\n http://downloads.digium.com/pub/security/AST-2011-005.pdf and \r\n http://downloads.digium.com/pub/security/AST-2011-005.html \r\n\r\n Revision History\r\n Date Editor Revisions Made \r\n 04/21/11 Matthew Nicholson Initial version \r\n\r\n Asterisk Project Security Advisory - AST-2011-005\r\n Copyright (c) 2011 Digium, Inc. All Rights Reserved.\r\n Permission is hereby granted to distribute and publish this advisory in its\r\n original, unaltered form.", "modified": "2011-04-27T00:00:00", "published": "2011-04-27T00:00:00", "id": "SECURITYVULNS:DOC:26230", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26230", "title": "AST-2011-005: File Descriptor Resource Exhaustion", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-05-29T18:40:02", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "modified": "2018-10-05T00:00:00", "published": "2011-05-12T00:00:00", "id": "OPENVAS:136141256231069591", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069591", "title": "FreeBSD Ports: asterisk14", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_asterisk141.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 3c7d565a-6c64-11e0-813a-6c626dd55a41\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69591\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-1507\");\n script_name(\"FreeBSD Ports: asterisk14\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n asterisk14\n asterisk16\n asterisk18\n\nCVE-2011-1507\nAsterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25,\n1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk\nBusiness Edition C.x.x before C.3.6.4 do not restrict the number of\nunauthenticated sessions to certain interfaces, which allows remote\nattackers to cause a denial of service (file descriptor exhaustion and\ndisk space exhaustion) via a series of TCP connections.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://downloads.asterisk.org/pub/security/AST-2011-005.pdf\");\n script_xref(name:\"URL\", value:\"http://downloads.asterisk.org/pub/security/AST-2011-006.pdf\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/3c7d565a-6c64-11e0-813a-6c626dd55a41.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"asterisk14\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4\")>0 && revcomp(a:bver, b:\"1.4.40.1\")<0) {\n txt += 'Package asterisk14 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"asterisk16\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.6\")>0 && revcomp(a:bver, b:\"1.6.2.17.3\")<0) {\n txt += 'Package asterisk16 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"asterisk18\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8\")>0 && revcomp(a:bver, b:\"1.8.3.3\")<0) {\n txt += 'Package asterisk18 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-02T21:13:45", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2017-02-25T00:00:00", "published": "2011-05-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=69591", "id": "OPENVAS:69591", "title": "FreeBSD Ports: asterisk14", "type": "openvas", "sourceData": "#\n#VID 3c7d565a-6c64-11e0-813a-6c626dd55a41\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 3c7d565a-6c64-11e0-813a-6c626dd55a41\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n asterisk14\n asterisk16\n asterisk18\n\nCVE-2011-1507\nAsterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25,\n1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk\nBusiness Edition C.x.x before C.3.6.4 do not restrict the number of\nunauthenticated sessions to certain interfaces, which allows remote\nattackers to cause a denial of service (file descriptor exhaustion and\ndisk space exhaustion) via a series of TCP connections.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://downloads.asterisk.org/pub/security/AST-2011-005.pdf\nhttp://downloads.asterisk.org/pub/security/AST-2011-006.pdf\nhttp://www.vuxml.org/freebsd/3c7d565a-6c64-11e0-813a-6c626dd55a41.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\n\nif(description)\n{\n script_id(69591);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-1507\");\n script_name(\"FreeBSD Ports: asterisk14\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"asterisk14\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4\")>0 && revcomp(a:bver, b:\"1.4.40.1\")<0) {\n txt += 'Package asterisk14 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"asterisk16\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.6\")>0 && revcomp(a:bver, b:\"1.6.2.17.3\")<0) {\n txt += 'Package asterisk16 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"asterisk18\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.8\")>0 && revcomp(a:bver, b:\"1.8.3.3\")<0) {\n txt += 'Package asterisk18 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:21", "bulletinFamily": "scanner", "description": "Check for the Version of asterisk", "modified": "2017-07-10T00:00:00", "published": "2011-05-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=863076", "id": "OPENVAS:863076", "title": "Fedora Update for asterisk FEDORA-2011-6208", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for asterisk FEDORA-2011-6208\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"asterisk on Fedora 13\";\ntag_insight = \"Asterisk is a complete PBX in software. It runs on Linux and provides\n all of the features you would expect from a PBX and more. Asterisk\n does voice over IP in three protocols, and can interoperate with\n almost all standards-based telephony equipment using relatively\n inexpensive hardware.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059702.html\");\n script_id(863076);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-6208\");\n script_cve_id(\"CVE-2011-1507\", \"CVE-2011-1599\");\n script_name(\"Fedora Update for asterisk FEDORA-2011-6208\");\n\n script_summary(\"Check for the Version of asterisk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.6.2.18~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:28", "bulletinFamily": "scanner", "description": "Check for the Version of asterisk", "modified": "2017-07-10T00:00:00", "published": "2011-05-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=863086", "id": "OPENVAS:863086", "title": "Fedora Update for asterisk FEDORA-2011-6225", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for asterisk FEDORA-2011-6225\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"asterisk on Fedora 14\";\ntag_insight = \"Asterisk is a complete PBX in software. It runs on Linux and provides\n all of the features you would expect from a PBX and more. Asterisk\n does voice over IP in three protocols, and can interoperate with\n almost all standards-based telephony equipment using relatively\n inexpensive hardware.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060200.html\");\n script_id(863086);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-17 15:58:48 +0200 (Tue, 17 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-6225\");\n script_cve_id(\"CVE-2011-1507\", \"CVE-2011-1599\");\n script_name(\"Fedora Update for asterisk FEDORA-2011-6225\");\n\n script_summary(\"Check for the Version of asterisk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.6.2.18~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:36", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-05-10T00:00:00", "id": "OPENVAS:1361412562310863076", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863076", "title": "Fedora Update for asterisk FEDORA-2011-6208", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for asterisk FEDORA-2011-6208\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059702.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863076\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-6208\");\n script_cve_id(\"CVE-2011-1507\", \"CVE-2011-1599\");\n script_name(\"Fedora Update for asterisk FEDORA-2011-6208\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'asterisk'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"asterisk on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.6.2.18~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:47", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-05-17T00:00:00", "id": "OPENVAS:1361412562310863086", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863086", "title": "Fedora Update for asterisk FEDORA-2011-6225", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for asterisk FEDORA-2011-6225\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060200.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863086\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-17 15:58:48 +0200 (Tue, 17 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-6225\");\n script_cve_id(\"CVE-2011-1507\", \"CVE-2011-1599\");\n script_name(\"Fedora Update for asterisk FEDORA-2011-6225\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'asterisk'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"asterisk on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"asterisk\", rpm:\"asterisk~1.6.2.18~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:34", "bulletinFamily": "scanner", "description": "The remote host is missing an update to asterisk\nannounced via advisory DSA 2225-1.", "modified": "2019-03-18T00:00:00", "published": "2011-05-12T00:00:00", "id": "OPENVAS:136141256231069568", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069568", "title": "Debian Security Advisory DSA 2225-1 (asterisk)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2225_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2225-1 (asterisk)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69568\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-1147\", \"CVE-2011-1174\", \"CVE-2011-1175\", \"CVE-2011-1507\", \"CVE-2011-1599\");\n script_name(\"Debian Security Advisory DSA 2225-1 (asterisk)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(5|6)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202225-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in Asterisk, an Open Source\nPBX and telephony toolkit.\n\nCVE-2011-1147\n\nMatthew Nicholson discovered that incorrect handling of UDPTL packets\nmay lead to denial of service of the execution of arbitrary code.\n\nCVE-2011-1174\n\nBlake Cornell discovered that incorrect connection handling in the\nmanager interface may lead to denial of service.\n\nCVE-2011-1175\n\nBlake Cornell and Chris May discovered that incorrect TCP connection\nhandling may lead to denial of service.\n\nCVE-2011-1507\n\nTzafrir Cohen discovered that insufficient limitation of connection\nrequests in several TCP based services may lead to denial of service.\n\nCVE-2011-1599\n\nMatthew Nicholson discovered a privilege escalation vulnerability in\nthe manager interface.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:1.4.21.2~dfsg-3+lenny2.1.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.6.2.9-2+squeeze2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:1.8.3.3-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your asterisk packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to asterisk\nannounced via advisory DSA 2225-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"asterisk\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-config\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dbg\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dev\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-doc\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-h323\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-sounds-main\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-config\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dbg\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-dev\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-doc\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-h323\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"asterisk-sounds-main\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:32", "bulletinFamily": "scanner", "description": "The remote host is missing an update to asterisk\nannounced via advisory DSA 2225-1.", "modified": "2017-07-07T00:00:00", "published": "2011-05-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=69568", "id": "OPENVAS:69568", "title": "Debian Security Advisory DSA 2225-1 (asterisk)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2225_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2225-1 (asterisk)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in Asterisk, an Open Source\nPBX and telephony toolkit.\n\nCVE-2011-1147\n\nMatthew Nicholson discovered that incorrect handling of UDPTL packets\nmay lead to denial of service of the execution of arbitrary code.\n\nCVE-2011-1174\n\nBlake Cornell discovered that incorrect connection handling in the\nmanager interface may lead to denial of service.\n\nCVE-2011-1175\n\nBlake Cornell and Chris May discovered that incorrect TCP connection\nhandling may lead to denial of service.\n\nCVE-2011-1507\n\nTzafrir Cohen discovered that insufficient limitation of connection\nrequests in several TCP based services may lead to denial of service.\nPlease see http://downloads.asterisk.org/pub/security/AST-2011-005.html\nfor details.\n\nCVE-2011-1599\n\nMatthew Nicholson discovered a privilege escalation vulnerability in\nthe manager interface.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:1.4.21.2~dfsg-3+lenny2.1.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.6.2.9-2+squeeze2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:1.8.3.3-1.\n\nWe recommend that you upgrade your asterisk packages.\";\ntag_summary = \"The remote host is missing an update to asterisk\nannounced via advisory DSA 2225-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202225-1\";\n\n\nif(description)\n{\n script_id(69568);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-1147\", \"CVE-2011-1174\", \"CVE-2011-1175\", \"CVE-2011-1507\", \"CVE-2011-1599\");\n script_name(\"Debian Security Advisory DSA 2225-1 (asterisk)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"asterisk\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-config\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-dbg\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-dev\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-doc\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-h323\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-sounds-main\", ver:\"1:1.4.21.2~dfsg-3+lenny2.1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-config\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-dbg\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-dev\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-doc\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-h323\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"asterisk-sounds-main\", ver:\"1:1.6.2.9-2+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:20", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-21.", "modified": "2018-10-12T00:00:00", "published": "2012-02-12T00:00:00", "id": "OPENVAS:136141256231070784", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070784", "title": "Gentoo Security Advisory GLSA 201110-21 (Asterisk)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201110_21.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70784\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-1147\", \"CVE-2011-1174\", \"CVE-2011-1175\", \"CVE-2011-1507\", \"CVE-2011-1599\", \"CVE-2011-2529\", \"CVE-2011-2535\", \"CVE-2011-2536\", \"CVE-2011-2665\", \"CVE-2011-2666\", \"CVE-2011-4063\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:40 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-21 (Asterisk)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities in Asterisk might allow unauthenticated\n remote attackers to execute arbitrary code.\");\n script_tag(name:\"solution\", value:\"All asterisk 1.6.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.6.2.18.2'\n\n\nAll asterisk 1.8.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.8.7.1'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-21\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=352059\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=355967\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=359767\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=364887\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=372793\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=373409\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=387453\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201110-21.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-misc/asterisk\", unaffected: make_list(\"ge 1.8.7.1\", \"rge 1.6.2.18.2\"), vulnerable: make_list(\"lt 1.8.7.1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:50:45", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-21.", "modified": "2017-07-07T00:00:00", "published": "2012-02-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=70784", "id": "OPENVAS:70784", "title": "Gentoo Security Advisory GLSA 201110-21 (Asterisk)", "type": "openvas", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities in Asterisk might allow unauthenticated\n remote attackers to execute arbitrary code.\";\ntag_solution = \"All asterisk 1.6.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.6.2.18.2'\n \n\nAll asterisk 1.8.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/asterisk-1.8.7.1'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-21\nhttp://bugs.gentoo.org/show_bug.cgi?id=352059\nhttp://bugs.gentoo.org/show_bug.cgi?id=355967\nhttp://bugs.gentoo.org/show_bug.cgi?id=359767\nhttp://bugs.gentoo.org/show_bug.cgi?id=364887\nhttp://bugs.gentoo.org/show_bug.cgi?id=372793\nhttp://bugs.gentoo.org/show_bug.cgi?id=373409\nhttp://bugs.gentoo.org/show_bug.cgi?id=387453\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201110-21.\";\n\n \n \nif(description)\n{\n script_id(70784);\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-1147\", \"CVE-2011-1174\", \"CVE-2011-1175\", \"CVE-2011-1507\", \"CVE-2011-1599\", \"CVE-2011-2529\", \"CVE-2011-2535\", \"CVE-2011-2536\", \"CVE-2011-2665\", \"CVE-2011-2666\", \"CVE-2011-4063\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:40 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-21 (Asterisk)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"net-misc/asterisk\", unaffected: make_list(\"ge 1.8.7.1\", \"rge 1.6.2.18.2\"), vulnerable: make_list(\"lt 1.8.7.1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:59", "bulletinFamily": "unix", "description": "\nThe Asterisk Development Team reports:\n\nIt is possible for a user of the Asterisk Manager Interface to\n\t bypass a security check and execute shell commands when they\n\t should not have that ability. Sending the \"Async\" header with\n\t the \"Application\" header during an Originate action, allows\n\t authenticated manager users to execute shell commands. Only\n\t users with the \"system\" privilege should be able to do this.\nOn systems that have the Asterisk Manager Interface, Skinny, SIP\n\t over TCP, or the built in HTTP server enabled, it is possible for\n\t an attacker to open as many connections to asterisk as he wishes.\n\t This will cause Asterisk to run out of available file descriptors\n\t and stop processing any new calls. Additionally, disk space can\n\t be exhausted as Asterisk logs failures to open new file\n\t descriptors.\n\n", "modified": "2011-04-21T00:00:00", "published": "2011-04-21T00:00:00", "id": "3C7D565A-6C64-11E0-813A-6C626DD55A41", "href": "https://vuxml.freebsd.org/freebsd/3c7d565a-6c64-11e0-813a-6c626dd55a41.html", "title": "Asterisk -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:22:35", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2225-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nApril 25, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : asterisk\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2011-1147 CVE-2011-1174 CVE-2011-1175 CVE-2011-1507 \n CVE-2011-1599 \n\nSeveral vulnerabilities have been discovered in Asterisk, an Open Source\nPBX and telephony toolkit.\n\nCVE-2011-1147 \n\n Matthew Nicholson discovered that incorrect handling of UDPTL packets\n may lead to denial of service of the execution of arbitrary code.\n\nCVE-2011-1174\n\n Blake Cornell discovered that incorrect connection handling in the\n manager interface may lead to denial of service.\n\nCVE-2011-1175\n\n Blake Cornell and Chris May discovered that incorrect TCP connection \n handling may lead to denial of service.\n\nCVE-2011-1507 \n\n Tzafrir Cohen discovered that insufficient limitation of connection\n requests in several TCP based services may lead to denial of service.\n Please see http://downloads.asterisk.org/pub/security/AST-2011-005.html\n for details.\n\nCVE-2011-1599 \n\n Matthew Nicholson discovered a privilege escalation vulnerability in\n the manager interface.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:1.4.21.2~dfsg-3+lenny2.1.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.6.2.9-2+squeeze2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:1.8.3.3-1.\n\nWe recommend that you upgrade your asterisk packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n\n\n", "modified": "2011-04-26T21:18:08", "published": "2011-04-26T21:18:08", "id": "DEBIAN:DSA-2225-1:A71CE", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00094.html", "title": "[SECURITY] [DSA 2225-1] asterisk security update", "type": "debian", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:00", "bulletinFamily": "unix", "description": "### Background\n\nAsterisk is an open source telephony engine and toolkit. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn unauthenticated remote attacker may execute code with the privileges of the Asterisk process or cause a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll asterisk 1.6.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/asterisk-1.6.2.18.2\"\n \n\nAll asterisk 1.8.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/asterisk-1.8.7.1\"", "modified": "2011-10-24T00:00:00", "published": "2011-10-24T00:00:00", "id": "GLSA-201110-21", "href": "https://security.gentoo.org/glsa/201110-21", "type": "gentoo", "title": "Asterisk: Multiple vulnerabilities", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}