Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16422
HistoryMar 22, 2007 - 12:00 a.m.

Two new DoS Vulnerabilities in Asterisk Fixed

2007-03-2200:00:00
vulners.com
4
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Digium have released fixes for two new DoS vulnerabilities in Asterisk
today.

Excerpt from 1.2.17:

Along with minor bug fixes, this release incorporates a fix for the SIP
DoS vulnerability recently discovered by INRIA Lorraine:

http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html

As well as the above vulnerability, Asterisk 1.4.2 was patched for:

http://bugs.digium.com/view.php?id=9313

For more information, visit:

http://www.sineapps.com/news.php?rssid=1707

Both vulnerabilities require remote access to the SIP stack.

Cheers,

Matt Riddell
Director

http://www.sineapps.com/news.php (Daily Asterisk News - html)
http://wap.sineapps.com (Daily Asterisk News for your cellphone)
http://feeds.feedburner.com/AsteriskNews (Daily Asterisk News - rss)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGAaPeS6d5vy0jeVcRAmvnAJ4rHak396iLuJrdYq/AAtjrvPtkkgCfZ8/W
Lbua+BntiKGu7pXqTAAIwkM=
=GZOk
-----END PGP SIGNATURE-----

JSON