oss-sec mailing list archives
CVE Request -- Asterisk: Stack-based buffer overflow by forming an outgoing SIP request with specially-crafted caller ID information (AST-2011-001)
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Wed, 19 Jan 2011 12:12:25 +0100
Hi Josh, Steve, vendors, Asterisk upstream yesterday released AST-2011-001, also with patches for supported versions. References: [1] http://downloads.asterisk.org/pub/security/AST-2011-001.html [2] http://seclists.org/fulldisclosure/2011/Jan/297 [3] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610487 [4] https://bugzilla.redhat.com/show_bug.cgi?id=670777 Could you allocate CVE id for this? Thanks && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Current thread:
- CVE Request -- Asterisk: Stack-based buffer overflow by forming an outgoing SIP request with specially-crafted caller ID information (AST-2011-001) Jan Lieskovsky (Jan 19)