|
|
CVE Reference: CVE-2007-3763 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3763 |
|
|
Description: The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable. |
|
|
CVE Status: Candidate |
|
|
References: SUSE http://www.novell.com/linux/security/advisories/2007_15_sr.html ST 1018407 SAID Secunia Advisory: SA26099 Secunia Advisory: SA29051 GENTOO http://security.gentoo.org/glsa/glsa-200802-11.xml DEBIAN http://www.debian.org/security/2007/dsa-1358 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=185713 http://ftp.digium.com/pub/asa/ASA-2007-015.pdf BID 24950 |
|
| Return to the previous page. |
