This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Multiple vulnerabilities has been discovered and corrected in
Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and
Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated
Manager users to execute arbitrary shell commands via a MixMonitor
Asterisk Open Source 1.8.x before 22.214.171.124, 11.x before 11.10.1, and
12.x before 12.3.1 and Certified Asterisk 1.8.15 before 1.8.15-cert6
and 11.6 before 11.6-cert3 allows remote attackers to cause a denial
of service (connection consumption) via a large number of (1) inactive
or (2) incomplete HTTP connections (CVE-2014-4047).
The updated packages has been upgraded to the 11.11.0 version which is
not vulnerable to these issues.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.5
CVSS Temporal Score : 5.7
Public Exploit Available : false