EUVD-2011-4522

Malware in sbrugna...

SUSE CVE-2011-4598

The handlerequestinfo function in channels/chansip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 and 1.8.x before 1.8.7.2, when automon is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted sequence of SIP requests...

Debian DSA-2367-1 : asterisk - several vulnerabilities

Several vulnerabilities have been discovered in Asterisk, an Open Source PBX and telephony toolkit : - CVE-2011-4597 Ben Williams discovered that it was possible to enumerate SIP user names in some configurations. Please see the upstream advisory for details. This update only modifies the sample...

CVE-2011-4598

The handlerequestinfo function in channels/chansip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 and 1.8.x before 1.8.7.2, when automon is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted sequence of SIP requests...

DEBIAN-CVE-2011-4598

The handlerequestinfo function in channels/chansip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 and 1.8.x before 1.8.7.2, when automon is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted sequence of SIP requests...

AST-2011-014: Remote crash possibility with SIP and the "automon" feature enabled

Asterisk Project Security Advisory - AST-2011-014 Product Asterisk Summary Remote crash possibility with SIP and the "automon" feature enabled Nature of Advisory Remote crash vulnerability in a feature that is disabled by default Susceptibility Remote unauthenticated sessions Severity Moderate...

asterisk -- Multiple Vulnerabilities

Asterisk project reports: It is possible to enumerate SIP usernames when the general and user/peer NAT settings differ in whether to respond to the port a request is sent from or the port listed for responses in the Via header. When the "automon" feature is enabled in features.conf, it is possibl...