diff options
author | flo <flo@FreeBSD.org> | 2011-06-03 04:39:53 +0800 |
---|---|---|
committer | flo <flo@FreeBSD.org> | 2011-06-03 04:39:53 +0800 |
commit | 1f66c4e66b36bc3381e33ec7f502b7ac76609118 (patch) | |
tree | 23140f2dcfb39035e593fee1780eca39cbcfade4 | |
parent | 1070b6c45214b8b9830553699b36489cceff5e17 (diff) | |
download | freebsd-ports-gnome-1f66c4e66b36bc3381e33ec7f502b7ac76609118.tar.gz freebsd-ports-gnome-1f66c4e66b36bc3381e33ec7f502b7ac76609118.tar.zst freebsd-ports-gnome-1f66c4e66b36bc3381e33ec7f502b7ac76609118.zip |
- document asterisk remote crash vulnerability
Security: http://www.vuxml.org/freebsd/34ce5817-8d56-11e0-b5a2-6c626dd55a41.html
-rw-r--r-- | security/vuxml/vuln.xml | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 6e0b92c997ef..e2def2995d65 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,35 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="34ce5817-8d56-11e0-b5a2-6c626dd55a41"> + <topic>asterisk -- Remote crash vulnerability</topic> + <affects> + <package> + <name>asterisk18</name> + <range><gt>1.8.*</gt><lt>1.8.4.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The Asterisk Development Team reports:</p> + <blockquote cite="http://lists.digium.com/pipermail/asterisk-announce/2011-June/000325.html"> + <p>If a remote user initiates a SIP call and the recipient picks up, + the remote user can reply with a malformed Contact header that + Asterisk will improperly handle and cause a crash due to a + segmentation fault.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2011-2216</cvename> + <url>http://downloads.asterisk.org/pub/security/AST-2011-007.pdf</url> + </references> + <dates> + <discovery>2011-06-02</discovery> + <entry>2011-06-02</entry> + </dates> + </vuln> + <vuln vid="e27a1af3-8d21-11e0-a45d-001e8c75030d"> <topic>subversion -- multiple vulnerabilities</topic> <affects> |