Ubuntu
asterisk package

[asterisk] [CVE-2008-1897] DoS vulnerability

Bug #227299 reported by disabled.user
256
Affects Status Importance Assigned to Milestone
asterisk (Ubuntu)
New
Undecided
Unassigned
Nominated for Dapper by disabled.user
Nominated for Feisty by disabled.user
Nominated for Gutsy by disabled.user
Hardy
New
Undecided
Unassigned
Intrepid
New
Undecided
Unassigned

Bug Description

Binary package hint: asterisk

References:
DSA-1563-1 (http://www.debian.org/security/2008/dsa-1563)

Quoting:
"Joel R. Voss discovered that the IAX2 module of Asterisk, a free
software PBX and telephony toolkit performs insufficient validation of
IAX2 protocol messages, which may lead to denial of service."

CVE References

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.