1
Candidate: CVE-2012-4737
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4737
5
http://downloads.asterisk.org/pub/security/AST-2012-013.html
7
channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x
8
before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert7, Asterisk
9
Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk
10
Business Edition C.3.x before C.3.7.6 does not enforce ACL rules during
11
certain uses of peer credentials, which allows remote authenticated users
12
to bypass intended outbound-call restrictions by leveraging the
13
availability of these credentials.
17
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680470
23
upstream_asterisk: released (1:1.8.13.1~dfsg-1)
24
hardy_asterisk: ignored (reached end-of-life)
25
lucid_asterisk: ignored (reached end-of-life)
26
natty_asterisk: ignored (reached end-of-life)
27
oneiric_asterisk: ignored (reached end-of-life)
28
precise_asterisk: ignored (reached end-of-life)
29
precise/esm_asterisk: DNE (precise was needed)
30
quantal_asterisk: not-affected (1:1.8.13.1~dfsg-1ubuntu2)
31
raring_asterisk: not-affected
32
saucy_asterisk: not-affected
33
trusty_asterisk: not-affected
34
utopic_asterisk: not-affected
35
vivid_asterisk: not-affected
36
vivid/stable-phone-overlay_asterisk: DNE
37
vivid/ubuntu-core_asterisk: DNE
38
wily_asterisk: not-affected
39
xenial_asterisk: not-affected
40
yakkety_asterisk: not-affected
41
zesty_asterisk: not-affected
42
devel_asterisk: not-affected