This host has Asterisk installed and is prone to Denial of Service vulnerability.

Successful exploitation will let the attacker cause to Denial of Service. Impact Level: Application

Upgrade to version 1.2.35, 1.4.26.2, 1.6.0.15, 1.6.1.6 or apply the patch http://www.asterisk.org/downloads http://downloads.asterisk.org/pub/security/AST-2009-006-1.2.diff.txt http://downloads.asterisk.org/pub/security/AST-2009-006-1.4.diff.txt http://downloads.asterisk.org/pub/security/AST-2009-006-1.6.0.diff.txt http://downloads.asterisk.org/pub/security/AST-2009-006-1.6.1.diff.txt ***** NOTE: Please ignore the warning if the patch is applied. *****

An error in the 'IAX2' protocol implementation while processing call-number which can be exploited by initiating many IAX2 message exchanges.

Asterisk version 1.2.x before 1.2.35, 1.4.x before 1.4.26.2, 1.6.0.x before 1.6.0.15, and 1.6.1.x before 1.6.1.6 on Linux.

• http://downloads.asterisk.org/pub/security/AST-2009-006.html
• http://secunia.com/advisories/36593/
• http://securitytracker.com/alerts/2009/Sep/1022819.html

---

Updated on 2015-03-25