Bug#385060: asterisk: Asterisk MGCP AUEP Response Handling Buffer
Overflow
Stefan Fritsch
sf at sfritsch.de
Mon Aug 28 19:23:36 UTC 2006
Package: asterisk
Severity: grave
Tags: security
Justification: user security hole
Hi,
according to [1] asterisk 1.2.11 fixes a buffer overflow in the asterisk MGCP
implementation that allows an attacker to execute arbitrary code.
Since I don't use asterisk, I don't know whether this is actually included in
the Debian package. Please close or adjust the severity as appropriate.
Cheers,
Stefan
[1] http://secunia.com/advisories/21600/
More information about the Pkg-voip-maintainers
mailing list