Remote Privilege Escalation Vulnerability (CVE-2014-4046) for multiple Asterisk Products)
Release date:
Updated on:
Affected Systems:
Asterisk Open Source
Description:
--------------------------------------------------------------------------------
Bugtraq id: 68040
CVE (CAN) ID: CVE-2014-4046
Asterisk is a free and open-source software that enables the Telephone User Switch (PBX) function.
Asterisk Open Source and Certified Asterisk have the Remote Privilege Escalation Vulnerability. Attackers can exploit this vulnerability to escalate permissions and execute arbitrary shell commands in the context of the affected application.
Install Asterisk In Ubuntu 12.10
<* Source: Corey Farrell
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Asterisk
--------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://downloads.asterisk.org/pub/security/
This article permanently updates the link address: