Mandriva Linux Security Advisory : asterisk (MDVSA-2014:218)
Medium Nessus Plugin ID 79405
The remote Mandriva Linux host is missing one or more security updates.
Multiple vulnerabilities has been discovered and corrected in asterisk : Remote crash when handling out of call message in certain dialplan configurations (CVE-2014-6610). Asterisk Susceptibility to POODLE Vulnerability (CVE-2014-3566). Mixed IP address families in access control lists may permit unwanted traffic. High call load may result in hung channels in ConfBridge. Permission escalation through ConfBridge actions/dialplan functions. The updated packages has been upgraded to the 11.14.1 version which is not vulnerable to these issues.