Title : Debian Security Update Fixes Asterisk Buffer Overflow and Directory Traversal VUPEN ID : VUPEN/ADV-2006-1597 CVE ID : CVE-2005-3559 - CVE-2006-1827
Rated as : High Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2006-05-02
Technical Description
Debian has released updated packages to address two vulnerabilities identified in Asterisk. These flaws could be exploited by attackers to bypass security restrictions or execute arbitrary commands. For additional information, see : VUPEN/ADV-2006-1478 - VUPEN/ADV-2005-2346
Debian GNU/Linux old-stable (woody) - Upgrade to version 0.1.11-3woody1
Debian GNU/Linux stable (sarge) - Upgrade to version 1.0.7.dfsg.1-2sarge2
Debian GNU/Linux unstable (sid) - Upgrade to version 1.2.7.1.dfsg-1 References
