Asterisk Missing ACL Check Remote Security Bypass Vulnerability Network Vulnerability

Summary

Asterisk is prone to a security-bypass vulnerability. Attackers can exploit this issue to make network calls that are supposed to be prohibited. This may lead to other attacks.

Solution

Updates are available. Please see the references for details.

References

http://downloads.digium.com/pub/security/AST-2009-007.html
http://www.asterisk.org/
http://www.securityfocus.com/archive/1/507471
http://www.securityfocus.com/bid/36821

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

APC PowerChute Business Edition Unspecified Cross Site Scripting Vulnerability
Apple Remote Desktop Information Disclosure Vulnerability
AVG Anti-Virus 'hcp://' Protocol Handler Remote Code Execution Vulnerability
Aardvark Topsites Multiple Vulnerabilities
CA Gateway Security Remote Code Execution Vulnerability

Take action and discover your vulnerabilities