SecurityTracker.com Archives - Asterisk SIP Channel Driver Bug Lets Remote Users Deny Service

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

SecurityTracker
Archives

Sign Up

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Affiliates

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Partners

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (VoIP) > Asterisk

Vendors: Digium (Linux Support Services)

Asterisk SIP Channel Driver Bug Lets Remote Users Deny Service

SecurityTracker Alert ID: 1017723

SecurityTracker URL: http://securitytracker.com/id?1017723

CVE Reference: CVE-2007-1306 (Links to External Site)

Updated: May 18 2008

Original Entry Date: Mar 5 2007

Impact: Denial of service via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): prior to 1.4.1

Description: A vulnerability was reported in Asterisk. A remote user can cause denial of service conditions.

A remote user can send specially crafted data to trigger a flaw in the asterisk SIP channel driver cause the denial of service conditions.

Impact: A remote user can cause denial of service conditions.

Solution: The vendor has issued a fixed version (1.4.1).

The Asterisk advisory is available at:

http://asterisk.org/node/48320

Vendor URL: asterisk.org/node/48320 (Links to External Site)

Cause: Not specified

Underlying OS: Linux (Any), UNIX (Any)

Message History: None.

Source Message Contents

Date: Sun, 4 Mar 2007 19:31:20 -0500
Subject: Asterisk

 
 
> Asterisk 1.4.1 Released
 
> This release contains a very large number of bug fixes, including a fix for the 
> recently discovered security vulnerability.
 
http://asterisk.org/node/48320

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us | Help
Copyright 2007, SecurityGlobal.net LLC