asterisk -- multiple vulnerabilities

Details

Asterisk project reports:

Asterisk Manager User Unauthorized Shell Access

ACL rules ignored when placing outbound calls by certain IAX2 users

[source]

CVE Name	CVE-2012-2186
CVE Name	CVE-2012-4737
URL	http://downloads.digium.com/pub/security/AST-2012-012.html
URL	http://downloads.digium.com/pub/security/AST-2012-013.html
URL	https://www.asterisk.org/security