Asterisk: Multiple vulnerabilities Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. Asterisk March 28, 2012 March 28, 2012: 1 408431 remote 1.8.10.1 1.8.10.1

Asterisk is an open source telephony engine and toolkit.

Two vulnerabilities have been found in Asterisk:

A remote unauthenticated attacker could execute arbitrary code or cause a Denial of Service condition.

There is no known workaround at this time.

All Asterisk users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/asterisk-1.8.10.1"
AST-2012-002 AST-2012-003 CVE-2012-1183 CVE-2012-1184 ackle ackle