Asterisk SIP Channel Driver Denial of Service (AST-2011-007)
Medium Nessus Network Monitor Plugin ID 5939
SynopsisThe remote VoIP server is vulnerable to a denial of service attack.
DescriptionThe version of Asterisk running on the remote host is potentially affected by a denial of service vulnerability. If a remote attacker initiates a SIP call and the recipient picks up, the remote user can reply with a malformed Contact header that will cause Asterisk to crash.
SolutionUpgrade to Asterisk 188.8.131.52 or later.