Release DateMar 16, 2010 |
Severitymedium |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a buffer overflow vulnerability inAsterisk. The vulnerability is caused by an error when the vulnerable software handles a malicious string. It allows a remote attacker to execute arbitrary code via sending a malicious request. |
Affected ProductsAsterisk Asterisk 1.2.11 and earlier versions. |
Recommended ActionsApply the most recent upgrade or patch from the vendor.http://ftp.digium.com/pub/asterisk/releases ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586 http://security.debian.org/pool/updates/main/a/asterisk |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-5444 |
Reference/shttp://www.securityfocus.com/bid/20617 (BugTraq)http://www.securityfocus.com/archive/1/archive/1/449127/100/0/threaded |
