Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Asterisk Remote Crash Vulnerability in SIP Channel Driver (AST-2011-012)

Medium

Synopsis

The remote VoIP server is vulnerable to a denial of service attack.

Description

Versions of Asterisk 1.8.x earlier than 1.8.7.1 are potentially affected by a denial of service attack in the SIP channel driver. A remote authenticated attacker can cause a crash with a malformed request due to an uninitialized variable.

Solution

Upgrade to Asterisk 1.8.7.1