Asterisk Project Security Advisory - This advisory is a response to a false security vulnerability published in several places on the Internet. Had Asterisk's developers been notified prior to its publication, there would be no need for this. There is a potential for a buffer overflow in the sethdlc application; however, running this application requires root access to the server, which means that exploiting this vulnerability gains the attacker no more advantage than what he already has. As such, this is a bug, not a security vulnerability.
02df8010a89c1828facd661e89d15aad1405eb934f5d1de64b09abe22dfa82ae