This application requires Javascript for optimal performance.

Digium.Asterisk.IAX2.Call.Number.DoS

Release Date

Dec 15, 2009

Severity

high

Impact

Denial of Service

Description

This indicates an attack attempt against a resource-exhaustion-based denial-of-service vulnerability in Digium's Asterisk.

The vulnerability is caused by a design weakness when the vulnerable software handles a large number of messages. It allows a remote attacker to cause a denial-of-service condition.

Affected Products

Asterisk Asterisk Business Edition C.3.1.0 and previous versions
Asterisk Asterisk 1.6.1 5 and previous versions

Recommended Actions

Upgrade to the latest versions:
http://www.asterisk.org/

Coverage

IPS
VCM

Common Vulnerabilities and Exposures (CVE)

CVE-2009-2346

Reference/s

http://secunia.com/advisories/36593
http://www.securityfocus.com/bid/36275 (BugTraq)

Reference: VID-17991