Package: asterisk Severity: grave Tags: security Justification: user security hole
Hi, according to [1] asterisk 1.2.11 fixes a buffer overflow in the asterisk MGCP implementation that allows an attacker to execute arbitrary code. Since I don't use asterisk, I don't know whether this is actually included in the Debian package. Please close or adjust the severity as appropriate. Cheers, Stefan [1] http://secunia.com/advisories/21600/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
