oss-sec mailing list archives
Re: CVE request for Asterisk flaws
From: Josh Bressers <bressers () redhat com>
Date: Mon, 21 Mar 2011 16:19:49 -0400 (EDT)
I found some html copies of those (I don't like pdfs for such purposes). ----- Original Message -----
Two flaws were fixed in Asterisk: AST-2011-003: http://downloads.asterisk.org/pub/security/AST-2011-003.pdf - resource exhaustion DoS in Asterisk Manager Interface
http://downloads.asterisk.org/pub/security/AST-2011-003.html Use CVE-2011-1174
AST-2011-004: http://downloads.asterisk.org/pub/security/AST-2011-003.pdf - DoS in TCP/TLS server due to NULL ptr deref
http://downloads.asterisk.org/pub/security/AST-2011-004.html Use CVE-2011-1175 Thanks. -- JB
Current thread:
- CVE request for Asterisk flaws Vincent Danen (Mar 17)
- Re: CVE request for Asterisk flaws Josh Bressers (Mar 21)