Asterisk Remote Crash Vulnerability in SIP Channel Driver (AST-2011-012)
Medium Nessus Network Monitor Plugin ID 6043
SynopsisThe remote VoIP server is vulnerable to a denial of service attack.
DescriptionVersions of Asterisk 1.8.x earlier than 188.8.131.52 are potentially affected by a denial of service attack in the SIP channel driver. A remote authenticated attacker can cause a crash with a malformed request due to an uninitialized variable.
SolutionUpgrade to Asterisk 184.108.40.206