Digium Asterisk IAX2 POKE Request Denial of Service (CVE-2008-3263)

A denial of service vulnerability has been reported in Digium Asterisk...

Gentoo Security Advisory GLSA 200905-01 (asterisk)

The remote host is missing updates announced in advisory GLSA 200905-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Fedora Update for asterisk FEDORA-2008-6853

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for asterisk FEDORA-2008-6676

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

openSUSE 10 Security Update : asterisk (asterisk-5524)

This security update fixes multiple security vulnerabilities in asterisk CVE-2008-1897, CVE-2008-2119, CVE-2008-3263, CVE-2008-3264. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

Fedora 9 : asterisk-1.6.0-0.19.beta9.fc9 (2008-6853)

Security fixes for CVE-2008-3263 / AST-2008-010 and CVE-2008-3264 / AST-2008-011: AST-2008-010: Asterisk IAX 'POKE' resource exhaustion - http://downloads.digium.com/pub/security/AST-2008-010.html AST-2008-011: Traffic amplification in IAX2 firmware provisioning system -...

Fedora 8 : asterisk-1.4.21.2-1.fc8 (2008-6676)

Update to 1.4.21.2 to fix CVE-2008-3263 / AST-2008-010 and CVE-2008-3264 / AST-2008-011. AST-2008-010: Asterisk IAX 'POKE' resource exhaustion - http://downloads.digium.com/pub/security/AST-2008-010.html AST-2008-011: Traffic amplification in IAX2 firmware provisioning system -...

AST-2008-010: Asterisk IAX 'POKE' resource exhaustion

Asterisk Project Security Advisory - AST-2008-010 +------------------------------------------------------------------------+ | Product | Asterisk | |----------------------+-------------------------------------------------| | Summary | Asterisk IAX 'POKE' resource exhaustion |...

CVE-2008-3263

CVE-2008-3263 is an IAX2 POKE-related denial-of-service affecting multiple Asterisk lines (Open Source 1.0.x, 1.2.x up to 1.2.30, 1.4.x up to 1.4.21.2; Business Edition B, C, AsteriskNOW, and s800i variants). The issue allows remote attackers to exhaust call numbers and consume CPU by rapidly sen...