Two closely related stack based buffer overflows exist in the SIP/SDP handler of Asterisk versions below 1.4.3. The vulnerabilities are very similar but exist as two separate unsafe function calls.
f8c568288ac57f37876970170b85ef7a0517044d2040d05c9e0ec46a28c0b31c