Secunia Security Advisory - Debian has issued an update for asterisk. This fixes some vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, and by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
770c629def5fe46d4a51aa94b7af08312dc3f2ac13d1e0b065c89d4cc6a8c316
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Debian update for asterisk
SECUNIA ADVISORY ID:
SA26602
VERIFY ADVISORY:
http://secunia.com/advisories/26602/
CRITICAL:
Highly critical
IMPACT:
Exposure of sensitive information, DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/
Debian GNU/Linux 4.0
http://secunia.com/product/13844/
Debian GNU/Linux 3.1
http://secunia.com/product/5307/
DESCRIPTION:
Debian has issued an update for asterisk. This fixes some
vulnerabilities, which can be exploited by malicious users to
disclose potentially sensitive information, and by malicious people
to cause a DoS (Denial of Service) or potentially compromise a
vulnerable system.
For more information:
SA24380
SA24564
SA24977
SA25134
SA26099
SOLUTION:
Apply updated packages.
-- Debian GNU/Linux 3.1 alias sarge --
Source archives:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5.dsc
Size/MD5 checksum: 1299 9990edac549f774358a79d593ff43a2d
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5.diff.gz
Size/MD5 checksum: 72628 a792656a9b891c48038f16ed102da075
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1.orig.tar.gz
Size/MD5 checksum: 2929488 0d0f718ccd7a06ab998c3f637df294c0
Architecture independent components:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-config_1.0.7.dfsg.1-2sarge5_all.deb
Size/MD5 checksum: 62122 4488dbad49606db2bb69979c6de5d9a1
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-dev_1.0.7.dfsg.1-2sarge5_all.deb
Size/MD5 checksum: 83904 01ec5e039b1f34c512a3816d0ff14290
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-doc_1.0.7.dfsg.1-2sarge5_all.deb
Size/MD5 checksum: 1578092 3bc955e7f50c8ee2ab0877c9bf6d7e27
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-sounds-main_1.0.7.dfsg.1-2sarge5_all.deb
Size/MD5 checksum: 1180686 9b2af441ef41584b0ab64ed253400ed2
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-web-vmail_1.0.7.dfsg.1-2sarge5_all.deb
Size/MD5 checksum: 28906 f487ba4ae90a38dac7d7892994977e78
Alpha architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_alpha.deb
Size/MD5 checksum: 1503206 a87cb7693d1e6ef9fa72725a07c58700
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_alpha.deb
Size/MD5 checksum: 32282 15e30b5844a0436208fae8aef3bb8128
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_alpha.deb
Size/MD5 checksum: 21684 65d467d776b77d4af8e7ba9695ea855f
AMD64 architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_amd64.deb
Size/MD5 checksum: 1333966 35dea08bbb3e3ae98622bfc8e2395efa
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_amd64.deb
Size/MD5 checksum: 31364 b4738c7141ebdb63ff40c4ec51db182d
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_amd64.deb
Size/MD5 checksum: 21968 04e606d2f26e1b896e2c1e4b3afc0024
ARM architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_arm.deb
Size/MD5 checksum: 1285102 17b0f44fe5799119c6a77aba693b1387
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_arm.deb
Size/MD5 checksum: 30220 c7d9b2469dda7a56b2cbf37514e983a5
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_arm.deb
Size/MD5 checksum: 21976 aa7e96d4660b32f99fbc23945b9ab92f
HP Precision architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_hppa.deb
Size/MD5 checksum: 1448684 baf5d73032d0075fdc54aa8bc12624f3
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_hppa.deb
Size/MD5 checksum: 32002 6e367939c617f4b86c1f9cc8ba1ed43c
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_hppa.deb
Size/MD5 checksum: 21972 52e04cbfa198a686798e2aade3f5793d
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_i386.deb
Size/MD5 checksum: 1175672 332441ac023e066bfad2e4df2ee35b82
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_i386.deb
Size/MD5 checksum: 30384 714976ea15e1c161c77dff509d08af96
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_i386.deb
Size/MD5 checksum: 21968 d1ee35f3e22dcd4a5319ae5b15817d0b
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_ia64.deb
Size/MD5 checksum: 1772012 ac19b785773eb877c29edb5a91c31767
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_ia64.deb
Size/MD5 checksum: 33496 e1d9e1ceff20bd7bbd0c137239034b75
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_ia64.deb
Size/MD5 checksum: 21966 f9b6ef26db22f14cb1a52e2b1a135c47
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_m68k.deb
Size/MD5 checksum: 1185624 aef06cbcb10c08ced6a8238b4a272fd8
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_m68k.deb
Size/MD5 checksum: 30750 8374561c75228f55694d1b941036294d
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_m68k.deb
Size/MD5 checksum: 21976 983356c74964bc23471196afaed70837
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_mips.deb
Size/MD5 checksum: 1264660 66d0b46d774ab9c61979b91fa1383593
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_mips.deb
Size/MD5 checksum: 29964 8f58fa68511d70e3490df77fdfd5d3ca
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_mips.deb
Size/MD5 checksum: 21972 46082fca9c342a46404ef189e1f1b635
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_mipsel.deb
Size/MD5 checksum: 1270922 0528f3b6609060164bb81a1d19441eac
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_mipsel.deb
Size/MD5 checksum: 29894 888c2904eaf40955ffcb6856e9ce2b55
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_mipsel.deb
Size/MD5 checksum: 21974 a00d005468404f9b1b0c55f2f3e25c6b
PowerPC architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_powerpc.deb
Size/MD5 checksum: 1422660 c2a3998e7716bc7215cad1d61329e161
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_powerpc.deb
Size/MD5 checksum: 31694 44e05fd82fd1fef08a350805338168dc
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_powerpc.deb
Size/MD5 checksum: 21970 83d4645426d80b755fac8e0a722a049b
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_s390.deb
Size/MD5 checksum: 1313194 883d197378cb2499dbea7b36f9f71015
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_s390.deb
Size/MD5 checksum: 31384 dff2953d4456c1b4f6369f2e80935dd1
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_s390.deb
Size/MD5 checksum: 21972 2c0deaf9b334082ad5f388e964f74295
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.0.7.dfsg.1-2sarge5_sparc.deb
Size/MD5 checksum: 1274948 1edf4c192e12a07d9f634701997b9401
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_sparc.deb
Size/MD5 checksum: 30342 c43e227874341d532402f62b662ec045
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.0.7.dfsg.1-2sarge5_sparc.deb
Size/MD5 checksum: 21976 1b0665679c70823fceafacedc84c33dd
-- Debian GNU/Linux 4.0 alias etch --
Source archives:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.2.13~dfsg-2etch1.dsc
Size/MD5 checksum: 1488 97a08cc08f7a14f50af5583f6cfaae89
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.2.13~dfsg-2etch1.diff.gz
Size/MD5 checksum: 178578 b99340fd02758c851c28ae1e3c955d42
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.2.13~dfsg.orig.tar.gz
Size/MD5 checksum: 3835589 f8ee088b2e4feffe2b35d78079f90b69
Architecture independent components:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-config_1.2.13~dfsg-2etch1_all.deb
Size/MD5 checksum: 131626 53dd0cd1001f4e78b2b2016773d60e5c
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-dev_1.2.13~dfsg-2etch1_all.deb
Size/MD5 checksum: 169902 3f0386aaaad741f88b25ec997e7af8dd
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-doc_1.2.13~dfsg-2etch1_all.deb
Size/MD5 checksum: 1499930 23be47715b380082a03a35d8805a6211
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-sounds-main_1.2.13~dfsg-2etch1_all.deb
Size/MD5 checksum: 1504542 e4ad12dc4a65fd9eaf8a58efc4def422
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-web-vmail_1.2.13~dfsg-2etch1_all.deb
Size/MD5 checksum: 73698 6feb2b37089d8f828130cc21c8e79625
http://security.debian.org/pool/updates/main/a/asterisk/asterisk_1.2.13~dfsg-2etch1_all.deb
Size/MD5 checksum: 146440 d90b1991d6afd624e9f31668ef018587
Alpha architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_alpha.deb
Size/MD5 checksum: 1934132 b322a206b3248e18a4ada8ecd87b7ded
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_alpha.deb
Size/MD5 checksum: 1897492 fa7a0e4791176049a7110b949384521d
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_alpha.deb
Size/MD5 checksum: 136926 41f35290480070e4831521847de74107
AMD64 architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_amd64.deb
Size/MD5 checksum: 1752012 6541f884fe3fe9f48b4acc63cf693349
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_amd64.deb
Size/MD5 checksum: 1716992 cdf6e4ba213e5cfa3066f22f395ce98f
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_amd64.deb
Size/MD5 checksum: 133196 f8e1c9b4a8ab373f8bcba2aa000df651
ARM architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_arm.deb
Size/MD5 checksum: 1700720 e0397a0396919650c8a6d5368aaf2334
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_arm.deb
Size/MD5 checksum: 1667510 6457678cf86c159d8238cd3845fa19e5
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_arm.deb
Size/MD5 checksum: 136300 b1db97740d639312a9fe81d1f1203aeb
HP Precision architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_hppa.deb
Size/MD5 checksum: 1869060 7af81a120af617d6f8bd4a811ba81209
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_hppa.deb
Size/MD5 checksum: 1830320 ad3ca0f6130dd1730092e4a1ecd16300
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_hppa.deb
Size/MD5 checksum: 145084 68b9a07789c2f631d799e880a3b5760d
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_i386.deb
Size/MD5 checksum: 1648860 a4e6285b3a8859f93a52121468429ad3
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_i386.deb
Size/MD5 checksum: 1615580 f70eb637297095022cdbd859bddd8376
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_i386.deb
Size/MD5 checksum: 130820 76b1d7e76d2baae5857aa56a09e87652
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_ia64.deb
Size/MD5 checksum: 2394412 5ebec711b6e457c53f1193232bc4d3d8
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_ia64.deb
Size/MD5 checksum: 2348026 759e196b5702b5213387f21924541725
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_ia64.deb
Size/MD5 checksum: 149578 b288f2afa9155e69faff7823181abcab
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_mips.deb
Size/MD5 checksum: 1694260 c563cc857259855924323b1cb3ba1a00
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_mips.deb
Size/MD5 checksum: 1661664 8e47a70c83a8bbdb11f0dce83c2fe955
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_mips.deb
Size/MD5 checksum: 129886 52285a9197ecd9269b42024650717d9c
PowerPC architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_powerpc.deb
Size/MD5 checksum: 1862936 52427bfe7b0189a99a983774c0a4b6d8
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_powerpc.deb
Size/MD5 checksum: 1824632 88d7faa382d4918e0e667fff2863e623
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_powerpc.deb
Size/MD5 checksum: 132946 f9a538e42c44d4ee7390e95bf53fa4d8
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_s390.deb
Size/MD5 checksum: 1779980 75bbc48a8e0184278173a4edbab1bd5d
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_s390.deb
Size/MD5 checksum: 1743918 910d6863b1af755d619ff991b2f2163b
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_s390.deb
Size/MD5 checksum: 136414 7d0eb7a034f10319aa7fb538cc8fe5b2
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-bristuff_1.2.13~dfsg-2etch1_sparc.deb
Size/MD5 checksum: 1663536 cf93228c0e4142e626087f2c5b3722b3
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-classic_1.2.13~dfsg-2etch1_sparc.deb
Size/MD5 checksum: 1631434 1d7acccfd9cfbcbd1ac1ee515487b3df
http://security.debian.org/pool/updates/main/a/asterisk/asterisk-h323_1.2.13~dfsg-2etch1_sparc.deb
Size/MD5 checksum: 132076 a99f330580f855205796726963251506
-- Debian GNU/Linux unstable alias sid --
Fixed in version 1:1.4.11~dfsg-1.
ORIGINAL ADVISORY:
http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00120.html
OTHER REFERENCES:
SA24380:
http://secunia.com/advisories/24380/
SA24564:
http://secunia.com/advisories/24564/
SA24977:
http://secunia.com/advisories/24977/
SA25134:
http://secunia.com/advisories/25134/
SA26099:
http://secunia.com/advisories/26099/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed