Release DateDec 15, 2009 |
Severityhigh |
ImpactDenial of Service |
DescriptionThis indicates an attack attempt against a resource-exhaustion-based denial-of-service vulnerability in Digium's Asterisk.The vulnerability is caused by a design weakness when the vulnerable software handles a large number of messages. It allows a remote attacker to cause a denial-of-service condition. |
Affected ProductsAsterisk Asterisk Business Edition C.3.1.0 and previous versionsAsterisk Asterisk 1.6.1 5 and previous versions |
Recommended ActionsUpgrade to the latest versions:http://www.asterisk.org/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-2346 |
Reference/shttp://secunia.com/advisories/36593http://www.securityfocus.com/bid/36275 (BugTraq) |
