diff options
| author | Florian Smeets <flo@FreeBSD.org> | 2012-01-20 00:14:41 +0000 |
|---|---|---|
| committer | Florian Smeets <flo@FreeBSD.org> | 2012-01-20 00:14:41 +0000 |
| commit | 9bb456e9a3c38c3bf6b7d4846f71b445c1d7c5c5 (patch) | |
| tree | e4b1acefa4979bbd67f6e264b3a49cfbb7ed9706 /security | |
| parent | 7d9f272f3df68e29c8b3003b0954deebd230e51b (diff) | |
| download | ports-9bb456e9a3c38c3bf6b7d4846f71b445c1d7c5c5.tar.gz ports-9bb456e9a3c38c3bf6b7d4846f71b445c1d7c5c5.zip | |
Notes
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index b3e34c61385e..b16899b322a0 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -47,6 +47,37 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="dd698b76-42f7-11e1-a1b6-14dae9ebcf89"> + <topic>asterisk -- SRTP Video Remote Crash Vulnerability</topic> + <affects> + <package> + <name>asterisk18</name> + <range><lt>1.8.8.2</lt></range> + </package> + <package> + <name>asterisk10</name> + <range><lt>10.0.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Asterisk project reports:</p> + <blockquote cite="http://downloads.asterisk.org/pub/security/AST-2012-001.html"> + <p>An attacker attempting to negotiate a secure video stream can crash + Asterisk if video support has not been enabled and the res_srtp + Asterisk module is loaded.</p> + </blockquote> + </body> + </description> + <references> + <url>http://downloads.asterisk.org/pub/security/AST-2012-001.html</url> + </references> + <dates> + <discovery>2012-01-15</discovery> + <entry>2011-12-19</entry> + </dates> + </vuln> + <vuln vid="553ec4ed-38d6-11e0-94b1-000c29ba66d2"> <topic>tomcat -- Denial of Service</topic> <affects> |