
Test ID: 1.3.6.1.4.1.25623.1.0.69568
Category: Debian Local Security Checks
Title: Debian Security Advisory DSA 2225-1 (asterisk)
Summary: The remote host is missing an update to asterisk announced via advisory DSA 2225-1.
Description:
Summary:
The remote host is missing an update to asterisk
announced via advisory DSA 2225-1.

Vulnerability Insight:
Several vulnerabilities have been discovered in Asterisk, an Open Source
PBX and telephony toolkit.

CVE-2011-1147

Matthew Nicholson discovered that incorrect handling of UDPTL packets
may lead to denial of service or the execution of arbitrary code.

CVE-2011-1174

Blake Cornell discovered that incorrect connection handling in the
manager interface may lead to denial of service.

CVE-2011-1175

Blake Cornell and Chris May discovered that incorrect TCP connection
handling may lead to denial of service.

CVE-2011-1507

Tzafrir Cohen discovered that insufficient limitation of connection
requests in several TCP based services may lead to denial of service.

CVE-2011-1599

Matthew Nicholson discovered a privilege escalation vulnerability in
the manager interface.

For the oldstable distribution (lenny), this problem has been fixed in
version 1:1.4.21.2~dfsg-3+lenny2.1.

For the stable distribution (squeeze), this problem has been fixed in
version 1:1.6.2.9-2+squeeze2.

For the unstable distribution (sid), this problem has been fixed in
version 1:1.8.3.3-1.

Solution:
We recommend that you upgrade your asterisk packages.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Cross-reference:
Common Vulnerability Exposure (CVE) ID: CVE-2011-1147
BugTraq ID: 46474
http://www.securityfocus.com/bid/46474
Debian Security Information: DSA-2225
http://www.debian.org/security/2011/dsa-2225
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055030.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055421.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055634.html
http://www.openwall.com/lists/oss-security/2011/03/11/2
http://www.openwall.com/lists/oss-security/2011/03/11/8
http://www.securitytracker.com/id?1025101
http://secunia.com/advisories/43429
http://secunia.com/advisories/43702
http://www.vupen.com/english/advisories/2011/0635
Common Vulnerability Exposure (CVE) ID: CVE-2011-1174
BugTraq ID: 46897
http://www.securityfocus.com/bid/46897
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/057163.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/057156.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056945.html
http://openwall.com/lists/oss-security/2011/03/17/5
http://openwall.com/lists/oss-security/2011/03/21/12
http://securitytracker.com/id?1025223
http://www.vupen.com/english/advisories/2011/0686
http://www.vupen.com/english/advisories/2011/0790
XForce ISS Database: asterisk-writes-dos(66139)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66139
Common Vulnerability Exposure (CVE) ID: CVE-2011-1175
BugTraq ID: 46898
http://www.securityfocus.com/bid/46898
http://securitytracker.com/id?1025224
XForce ISS Database: asterisk-handletcptlsconnection-dos(66140)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66140
Common Vulnerability Exposure (CVE) ID: CVE-2011-1507
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058922.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059702.html
http://securitytracker.com/id?1025432
http://secunia.com/advisories/44197
http://secunia.com/advisories/44529
http://www.vupen.com/english/advisories/2011/1086
http://www.vupen.com/english/advisories/2011/1107
http://www.vupen.com/english/advisories/2011/1188
Common Vulnerability Exposure (CVE) ID: CVE-2011-1599
BugTraq ID: 47537
http://www.securityfocus.com/bid/47537
http://openwall.com/lists/oss-security/2011/04/22/6
http://securitytracker.com/id?1025433
Copyright: Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com
