chan_iax2.c in the IAX2 channel driver in Asterisk Open Source 1.4.x before 1.4.41.1, 1.6.2.x before 1.6.2.18.1, and 1.8.x before 1.8.4.3, and Asterisk Business Edition C.3 before C.3.7.3, accesses a memory address contained in an option control frame, which allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a crafted frame.
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
| Link | Tags |
|---|---|
| http://secunia.com/advisories/44973 | third party advisory vendor advisory |
| http://downloads.asterisk.org/pub/security/AST-2011-010-1.8.diff | patch |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/68205 | vdb entry |
| http://downloads.asterisk.org/pub/security/AST-2011-010.html | vendor advisory |
| http://www.securityfocus.com/bid/48431 | vdb entry |
| http://securitytracker.com/id?1025708 | vdb entry |
| http://secunia.com/advisories/45239 | third party advisory |
| http://www.debian.org/security/2011/dsa-2276 | vendor advisory |
| http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062628.html | vendor advisory |
| http://secunia.com/advisories/45048 | third party advisory vendor advisory |
| http://www.osvdb.org/73309 | vdb entry |
| http://secunia.com/advisories/45201 | third party advisory |