*** Reindl Harald wrote: > looks like OpenVAS missed that there are for a long time now major > version greater than 10 - asterisk-13.3.2-1.fc22.x86_64
Both NVTs sending some SIP requests and don't compare the version. I'll have a look. > Details: Asterisk PBX NULL Pointer Dereference Overflow (OID: > 1.3.6.1.4.1.25623.1.0.9999991) > > Upgrade to Asterisk PBX release 1.4.1 or 1.2.16. > > Details: Asterisk PBX SDP Header Overflow Vulnerability (OID: > 1.3.6.1.4.1.25623.1.0.9999992) > > Upgrade to Asterisk release 1.4.2/1.2.17 or newer. Thanks for reporting. Micha -- Michael Meyer OpenPGP Key: 0xAF069E9152A6EFA6 http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
