FreeBSD : asterisk -- Exploitable Stack Buffer Overflow (5ab9fb2a-23a5-11e0-a835-0003ba02bf30)

This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The Asterisk Development Team reports :

The releases of Asterisk 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1,
1.6.2.16.2, 1.8.1.2, and 1.8.2.1 resolve an issue when forming an
outgoing SIP request while in pedantic mode, which can cause a stack
buffer to be made to overflow if supplied with carefully crafted
caller ID information. The issue and resolution are described in the
AST-2011-001 security advisory.

See also :

http://downloads.asterisk.org/pub/security/AST-2011-001.pdf
http://www.nessus.org/u?05d6ebd1

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 51582 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now