Spotlight | Reviews | Current Issue | Newsletter | Subscribe | Contact |
News
Features
Blogs
RSS Feeds
White Papers
Conference Videos
Departments
Current Issue
Special Editions
Spotlight
Reviews
LUGs
Event Calendar
Archives
Article Code

user friendly

  linux-magazine.com » Online » News » DoS Vulnerability in Asterisk  

Print this page. Recommend
Slashdot it! Delicious Digg

DoS Vulnerability in Asterisk

Jan 04, 2008

The makers of Asterisk, the Open Source phone system, have removed a bug that allowed denial of service attacks under certain circumstances.

The vulnerability affected the SIP channel driver, more specifically the "BYE with Also" transfer method. A faulty null-pointer dereference could be exploited to crash the application using a carefully crafted BYE message. The attack needed an existing connection.

All 1.4.x versions of Asterisk Open Source, all C.x.x versions of the Business Edition, the pre-release versions of AsteriskNOW, the Asterisk Appliance Developer Kit prior to version 1.4 revision 95946 and the Asterisk Appliance s800i up to version 1.0.3.4 are all affected by the bug.

Updates are available from the website for the Open Source applications. Updates for commercial versions will be provided via standard support channels.

(Jan Rähm)

Comments


Print this page. Recommend
Slashdot it! Delicious Digg
Related Articles
Local Vulnerabilities in Current Kernels
JavaScript Security Bug in Opera
Security Issue with FLAC Audio Codec
Thunderbird 2.0.0.12 Cures Vulnerabilities
Vulnerability Discovered in Rsync
Vulnerabilities in OpenSSL
Wherever you go...

...Linux Magazine goes with you!

Check out the advantages of a Digital Subscription:

  • Access articles by downloading PDFs,
  • find the Linux solutions you need with an easy keyword search,
  • maintain your own paperless archive...

more...

 

In the US and Canada, Linux Magazine is known as Linux Pro Magazine.
Entire contents © 2008 [Linux New Media USA, LLC]
Linux New Media web sites:
North America: [Linux Pro Magazine]
UK/Worldwide: [Linux Magazine]
Germany: [Linux-Magazin] [LinuxUser] [EasyLinux] [Linux-Community] [Linux-Nachrichten] [Linux Events]
Eastern Europe: [Linux Magazine Poland] [Linux Community Poland] [Darmowe Programy Poland] [Open Source DVD Poland] [Linux Magazin Romania]
International: [Linux Magazine Brazil] [Linux Magazine Spanish]
Corporate: [Linux New Media AG]