From 1f66c4e66b36bc3381e33ec7f502b7ac76609118 Mon Sep 17 00:00:00 2001 From: flo Date: Thu, 2 Jun 2011 20:39:53 +0000 Subject: - document asterisk remote crash vulnerability Security: http://www.vuxml.org/freebsd/34ce5817-8d56-11e0-b5a2-6c626dd55a41.html --- security/vuxml/vuln.xml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 6e0b92c997ef..e2def2995d65 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,35 @@ Note: Please add new entries to the beginning of this file. --> + + asterisk -- Remote crash vulnerability + + + asterisk18 + 1.8.*1.8.4.2 + + + + +

The Asterisk Development Team reports:

+
+

If a remote user initiates a SIP call and the recipient picks up, + the remote user can reply with a malformed Contact header that + Asterisk will improperly handle and cause a crash due to a + segmentation fault.

+
+ +
+ + CVE-2011-2216 + http://downloads.asterisk.org/pub/security/AST-2011-007.pdf + + + 2011-06-02 + 2011-06-02 + +
+ subversion -- multiple vulnerabilities -- cgit