Gentoo Linux Security Advisory GLSA 200802-11 - Multiple vulnerabilities have been found in Asterisk. Versions less than 1.2.21.1-r1 are affected.
c22751b6c44f0be0e1381fc575a51b4406baa3deccf8b780a0d0fc7a7200b488
Debian Security Advisory 1358-1 - Several remote vulnerabilities have been discovered in Asterisk, a free software PBX and telephony toolkit. These flaws range from denial of service to code execution vulnerabilities.
e4eecc4b68c56319b68bc71cec59dd07e652b2996865f66a46754f92a7849977
Proof-of-concept exploit that tests for the chan_iax vulnerability in Asterisk versions below 1.2.2 and 1.4.8.
0fe24e538acfae0ecc02034399436751e441e38a805da233b244d3fb03bdda1c
Asterisk Project Security Advisory - The Asterisk IAX2 channel driver, chan_iax2, has a remotely exploitable crash vulnerability. A NULL pointer exception can occur when Asterisk receives a LAGRQ or LAGRP frame that is part of a valid session and includes information elements. The session used to exploit this issue does not have to be authenticated. It can simply be a NEW packet sent with an invalid username. The code that parses the incoming frame correctly parses the information elements of IAX frames. It then sets a pointer to NULL to indicate that there is not a raw data payload associated with this frame. However, it does not set the variable that indicates the number of bytes in the raw payload back to zero. Since the raw data length is non-zero, the code handling LAGRQ and LAGRP frames tries to copy data from a NULL pointer, causing a crash.
82005035f0af5942ecb9961ae6e9407bfeadba79e2de888767b6b9905cdf838f