asterisk -- Remote crash vulnerability

ID 34CE5817-8D56-11E0-B5A2-6C626DD55A41
Type freebsd
Reporter FreeBSD
Modified 2011-06-02T00:00:00


The Asterisk Development Team reports:

If a remote user initiates a SIP call and the recipient picks up, the remote user can reply with a malformed Contact header that Asterisk will improperly handle and cause a crash due to a segmentation fault.