Asterisk contains a null pointer dereference vulnerability that may allow a remote, unauthenticated attacker to cause a denial-of-service condition on a vulnerable system.
Asterisk is a popular PBX application with VoIP support. Asterisk contains a null pointer dereference vulnerability that can allow a remote, unauthenticated attacker to crash the Asterisk server software with a specially crafted Session Initiation Protocol (SIP) packet (typically udp/5060).
A remote, unauthenticated attacker may be able to cause a denial of service on a vulnerable server.
Apply an update
This vulnerability was reported by the Mu Security research team.
This document was written by Will Dormann.
|Date First Published:||2007-03-05|
|Date Last Updated:||2007-03-19 19:15 UTC|