FreeBSD : asterisk -- multiple vulnerabilities (daf0a339-9850-11e2-879e-d43d7e0c7c02)

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Asterisk project reports :

Buffer Overflow Exploit Through SIP SDP Header

Username disclosure in SIP channel driver

Denial of Service in HTTP server

See also :

http://downloads.asterisk.org/pub/security/AST-2013-001.html
http://downloads.asterisk.org/pub/security/AST-2013-002.html
http://downloads.asterisk.org/pub/security/AST-2013-003.html
https://www.asterisk.org/security
http://www.nessus.org/u?aad99ad5

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 65852 ()

Bugtraq ID:

CVE ID: CVE-2013-2264
CVE-2013-2685
CVE-2013-2686

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now