4 matches found
openSUSE 10 Security Update : asterisk (asterisk-1676)
A security problem was fixed in the IAX2 channel driver of Asterisk that could be used by remote users to execute code or at least crash Asterisk. This issue is tracked by the Mitre CVE ID CVE-2006-2898. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...
[SECURITY] [DSA 1126-1] New Asterisk packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1126-1 [email protected] http://www.debian.org/security/ Martin Schulze July 27th, 2006 http://www.debian.org/security/faq -...
CVE-2006-2898
The IAX2 channel driver chaniax2 for Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11 allows remote attackers to cause a denial of service crash and execute arbitrary code via truncated IAX 2 IAX2 video frames, which bypasses a length check and leads to a buffer overflow involving negative...
CVE-2006-2898
CVE-2006-2898 affects the IAX2 channel driver (chan_iax2) in Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11. The vulnerability allows remote attackers to crash the Asterisk server and, per reports, may enable arbitrary code execution via truncated IAX2 video frames that bypass length checks ...