Moritz Muehlenhoff
2009-Dec-01 22:13 UTC
[Secure-testing-team] Bug#559103: CVE-2009-4055: RTP Remote Crash Vulnerability
Package: asterisk Severity: grave Tags: security http://downloads.asterisk.org/pub/security/AST-2009-010.html -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, ''unstable'') Architecture: i386 (i686) Kernel: Linux 2.6.31-1-686 (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15 at euro (charmap=ISO-8859-15) Shell: /bin/sh linked to /bin/bash Versions of packages asterisk depends on: ii adduser 3.111 add and remove users and groups pn asterisk-config | aste <none> (no description available) pn asterisk-sounds-main <none> (no description available) ii libasound2 1.0.21a-1 shared library for ALSA applicatio pn libc-client2007b <none> (no description available) ii libc6 2.10.1-7 GNU C Library: Shared libraries pn libcap1 <none> (no description available) ii libcurl3 7.19.7-1 Multi-protocol file transfer libra ii libgcc1 1:4.4.2-3 GCC support library ii libgsm1 1.0.13-3 Shared libraries for GSM speech co pn libiksemel3 <none> (no description available) ii libncurses5 5.7+20090803-2 shared libraries for terminal hand ii libnewt0.52 0.52.10-4.1 Not Erik''s Windowing Toolkit - tex ii libogg0 1.1.4~dfsg-1 Ogg bitstream library ii libpopt0 1.15-1 lib for parsing cmdline parameters ii libpq5 8.4.1-1 PostgreSQL C client library pn libpri1.0 <none> (no description available) pn libradiusclient-ng2 <none> (no description available) pn libsnmp15 <none> (no description available) ii libspeex1 1.2~rc1-1 The Speex codec runtime library pn libspeexdsp1 <none> (no description available) pn libsqlite0 <none> (no description available) ii libssl0.9.8 0.9.8k-6 SSL shared libraries ii libstdc++6 4.4.2-3 The GNU Standard C++ Library v3 pn libtonezone1 <none> (no description available) ii libvorbis0a 1.2.3-3 The Vorbis General Audio Compressi ii libvorbisenc2 1.2.3-3 The Vorbis General Audio Compressi pn libvpb0 <none> (no description available) pn unixodbc <none> (no description available) ii zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime asterisk recommends no packages. Versions of packages asterisk suggests: pn asterisk-dev <none> (no description available) pn asterisk-doc <none> (no description available) pn asterisk-h323 <none> (no description available) pn ekiga <none> (no description available) pn kphone <none> (no description available) pn ohphone <none> (no description available) pn twinkle <none> (no description available)