Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:20644
HistoryOct 02, 2008 - 12:00 a.m.

Additional Asterisk Resource Exhaustion DoS Vulnerabilities

2008-10-0200:00:00
vulners.com
12

Hello,

There are additional Asterisk RE Vulnerabilities. They are much like
the IAX POKE vulnerability except these make Asterisk segfault ( signal
11 ) when call numbers are exhausted.

http://www.securityscraper.com/pingpoke/iaxControlNewAuthmethods.txt
http://www.securityscraper.com/pingpoke/iaxControlNew.txt

The following links contain more information regarding the disclosure
Digium and as well other interesting pieces of interesting information.

http://www.voip0day.com/
http://www.jeremy-mcnamara.com/2008/09/24/asterisk-remote-denial-of-service-iax-control-new/
http://www.free-press-release.com/news/200809/1222413154.html

Feel free to contact me with any questions or concerns.

Thank You,

Blake Cornell