Gentoo Linux Security Advisory GLSA 200804-13 - Multiple vulnerabilities have been found in Asterisk allowing for SQL injection, session hijacking and unauthorized usage. Versions less than 1.2.27 are affected.
67da6681bc621e1c47a9b59a1836b85459c55a674e2f9489f48e2bca51d3ffd7
Debian Security Advisory 1525-1 - Several remote vulnerabilities have been discovered in Asterisk, a free software PBX and telephony toolkit.
8a005f5ec36bdbd53917c342d96a68635121d0d7e8a082ff1e7174217e1c231c
Asterisk Project Security Advisory - Unauthenticated calls can be made via the SIP channel driver using an invalid From header. This acts similarly to the SIP configuration option 'allowguest=yes', in that calls with a specially crafted From header would be sent to the PBX in the context specified in the general section of sip.conf.
81843cf8445447d86cc4da5431fb5f1967c5dbd9adf9c537d45cdf64851f983b