This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote Fedora host is missing a security update.
Update to 184.108.40.206, which fixes 2 security vulnerabilities. The
Asterisk Development Team has announced security releases for Asterisk
1.4, 1.6.2 and 1.8. The available security releases are released as
versions 1.4.43, 220.127.116.11 and 18.104.22.168.
These releases are available for immediate download at
The release of Asterisk versions 1.4.43, 22.214.171.124, and 126.96.36.199
resolves an issue with possible remote enumeration of SIP endpoints
with differing NAT settings.
The release of Asterisk versions 188.8.131.52 and 184.108.40.206 resolves a
remote crash possibility with SIP when the 'automon' feature is
The issues and resolutions are described in the AST-2011-013 and
AST-2011-014 security advisories.
For more information about the details of these vulnerabilities,
please read the security advisories AST-2011-013 and AST-2011-014,
which were released at the same time as this announcement.
For a full list of changes in the current releases, please see the
Security advisory AST-2011-013 is available at :
Security advisory AST-2011-014 is available at :
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
See also :
Update the affected asterisk package.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.9
Public Exploit Available : true
Family: Fedora Local Security Checks
Nessus Plugin ID: 58549 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now