Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 21 Mar 2011 16:19:49 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE request for Asterisk flaws

I found some html copies of those (I don't like pdfs for such purposes).

----- Original Message -----
> Two flaws were fixed in Asterisk:
> 
> AST-2011-003:
> http://downloads.asterisk.org/pub/security/AST-2011-003.pdf
> - resource exhaustion DoS in Asterisk Manager Interface

http://downloads.asterisk.org/pub/security/AST-2011-003.html

Use CVE-2011-1174

> 
> AST-2011-004:
> http://downloads.asterisk.org/pub/security/AST-2011-003.pdf
> - DoS in TCP/TLS server due to NULL ptr deref

http://downloads.asterisk.org/pub/security/AST-2011-004.html

Use CVE-2011-1175

Thanks.

-- 
    JB

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ