FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

asterisk -- Exploitable Stack Buffer Overflow

Affected packages
1.4.* < asterisk14 <
1.6.* < asterisk16 <
1.8.* < asterisk18 <


VuXML ID 5ab9fb2a-23a5-11e0-a835-0003ba02bf30
Discovery 2011-01-18
Entry 2011-01-19

The Asterisk Development Team reports:

The releases of Asterisk,,,,,, and resolve an issue when forming an outgoing SIP request while in pedantic mode, which can cause a stack buffer to be made to overflow if supplied with carefully crafted caller ID information. The issue and resolution are described in the AST-2011-001 security advisory.