Asterisk SIP SDP Buffer Overflow (AST-2013-001)
High Nessus Plugin ID 65896
SynopsisA telephony application running on the remote host is affected by a buffer overflow vulnerability.
DescriptionAccording to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a buffer overflow vulnerability related to SIP SDP headers and h264 video handling. This error could allow execution of arbitrary code.
SolutionUpgrade to Asterisk 11.2.2 or apply the patch listed in the Asterisk advisory.