Asterisk contains a null pointer dereference vulnerability that may allow a remote, unauthenticated attacker to cause a denial-of-service condition on a vulnerable system.
Asterisk is a popular PBX application with VoIP support. Asterisk contains a null pointer dereference vulnerability that can allow a remote, unauthenticated attacker to crash the Asterisk server software with a specially crafted Session Initiation Protocol (SIP) packet (typically
A remote, unauthenticated attacker may be able to cause a denial of service on a vulnerable server.
Apply an update
Vendor| Status| Date Notified| Date Updated
Asterisk| | -| 05 Mar 2007
If you are a vendor and your product is affected, let us know.
Group | Score | Vector
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A
This vulnerability was reported by the Mu Security research team.
This document was written by Will Dormann.