Asterisk SIP Channel Driver Uninitialized Variable Request Parsing DoS (AST-2011-012)
Medium Nessus Plugin ID 56922
SynopsisA telephony application running on the remote host is affected by a denial of service vulnerability.
DescriptionAccording to the version in its SIP banner, the version of Asterisk running on the remote host can be crashed remotely by an authenticated user when parsing an invalid SIP URI.
SolutionUpdate to Asterisk 22.214.171.124 / 10.0.0-rc1 or later.