oss-sec mailing list archives

CVE request for Asterisk flaws

From: Vincent Danen <vdanen () redhat com>
Date: Thu, 17 Mar 2011 11:28:13 -0600

Two flaws were fixed in Asterisk:

AST-2011-003: http://downloads.asterisk.org/pub/security/AST-2011-003.pdf
- resource exhaustion DoS in Asterisk Manager Interface

AST-2011-004: http://downloads.asterisk.org/pub/security/AST-2011-003.pdf
- DoS in TCP/TLS server due to NULL ptr deref

Could CVE names be assigned to these issues?

Thanks!

--

Vincent Danen / Red Hat Security Response Team

Current thread:

CVE request for Asterisk flaws Vincent Danen (Mar 17)
- Re: CVE request for Asterisk flaws Josh Bressers (Mar 21)