Gentoo Linux Security Advisory GLSA 200905-01 - Multiple vulnerabilities have been found in Asterisk allowing for Denial of Service and username disclosure.
8a221aac12797d099e480341a469baefe427ff3bc8ee0f6cb9b7b14595721e9d
Asterisk Project Security Advisory - By flooding an Asterisk server with IAX2 'POKE' requests, an attacker may eat up all call numbers associated with the IAX2 protocol on an Asterisk server and prevent other IAX2 calls from getting through. Due to the nature of the protocol, IAX2 POKE calls will expect an ACK packet in response to the PONG packet sent in response to the POKE. While waiting for this ACK packet, this dialog consumes an IAX2 call number, as the ACK packet must contain the same call number as was allocated and sent in the PONG.
d7ea9284131bcea62f7425642c3db4439b8033df1205a39d88ff0808e5893c71