Asterisk: Multiple vulnerabilities

Asterisk: Multiple vulnerabilities Multiple vulnerabilities in Asterisk might allow unauthenticated remote attackers to execute arbitrary code. Asterisk 2011-10-24 2011-10-24 352059 355967 359767 364887 372793 373409 387453 remote 1.8.7.1 1.6.2.18.2 1.8.7.1

Asterisk is an open source telephony engine and toolkit.

Multiple vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers referenced below for details.

An unauthenticated remote attacker may execute code with the privileges of the Asterisk process or cause a Denial of Service.

There is no known workaround at this time.

All asterisk 1.6.x users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=net-misc/asterisk-1.6.2.18.2"

All asterisk 1.8.x users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=net-misc/asterisk-1.8.7.1"

CVE-2011-1147 CVE-2011-1174 CVE-2011-1175 CVE-2011-1507 CVE-2011-1599 CVE-2011-2529 CVE-2011-2535 CVE-2011-2536 CVE-2011-2665 CVE-2011-2666 CVE-2011-4063 underling underling