SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe Asterisk project reports :
There is a stack overflow vulnerability in the res_http_websocket.so module of Asterisk that allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connection to a websocket. The attackers request causes Asterisk to run out of stack space and crash.
As a workaround disable HTTP websocket access by not loading the res_http_websocket.so module.
SolutionUpdate the affected packages.