FreeBSD : asterisk -- SRTP Video Remote Crash Vulnerability (dd698b76-42f7-11e1-a1b6-14dae9ebcf89)

high Nessus Plugin ID 57612

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

Asterisk project reports :

An attacker attempting to negotiate a secure video stream can crash Asterisk if video support has not been enabled and the res_srtp Asterisk module is loaded.

Solution

Update the affected packages.

See Also

http://downloads.asterisk.org/pub/security/AST-2012-001.html

http://www.nessus.org/u?e1828ac9

Plugin Details

Severity: High

ID: 57612

File Name: freebsd_pkg_dd698b7642f711e1a1b614dae9ebcf89.nasl

Version: 1.5

Type: local

Published: 1/20/2012

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:asterisk10, p-cpe:/a:freebsd:freebsd:asterisk18, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 1/20/2012

Vulnerability Publication Date: 1/15/2012