DoS Vulnerability in Asterisk

Jan 04, 2008

Jan Rähm

The makers of Asterisk, the Open Source phone system, have removed a bug that allowed denial of service attacks under certain circumstances.

The vulnerability affected the SIP channel driver, more specifically the "BYE with Also" transfer method. A faulty null-pointer dereference could be exploited to crash the application using a carefully crafted BYE message. The attack needed an existing connection.

All 1.4.x versions of Asterisk Open Source, all C.x.x versions of the Business Edition, the pre-release versions of AsteriskNOW, the Asterisk Appliance Developer Kit prior to version 1.4 revision 95946 and the Asterisk Appliance s800i up to version 1.0.3.4 are all affected by the bug.

Updates are available from the website for the Open Source applications. Updates for commercial versions will be provided via standard support channels.

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

News

Linux Mint 22.3 Now Available with New Tools

Administration , Linux mint , Tools

Linux Mint 22.3 has been released with a pair of new tools for system admins and some pretty cool new features.
New Linux Malware Targets Cloud-Based Linux Installations

Cloud , Linux , malware

VoidLink, a new Linux malware, should be of real concern because of its stealth and customization.
Say Goodbye to Middle-Mouse Paste

Firefox , Gnome , Security

Both Gnome and Firefox have proposed getting rid of a long-time favorite Linux feature.
Manjaro 26.0 Primary Desktop Environments Default to Wayland

Desktop , Manjaro Linux , Wayland

If you want to stick with X.Org, you'll be limited to the desktop environments you can choose.
Mozilla Plans to AI-ify Firefox

Artificial Inte... , Firefox , privacy

With a new CEO in control, Mozilla is doubling down on a strategy of trust, all the while leaning into AI.
Gnome Says No to AI-Generated Extensions

Artificial Inte... , Gnome , LLM

If you're a developer wanting to create a new Gnome extension, you'd best set aside that AI code generator, because the extension team will have none of that.
Parrot OS Switches to KDE Plasma Desktop

Linux , Parrot OS , Plasma

Yet another distro is making the move to the KDE Plasma desktop.
TUXEDO Announces Gemini 17

Hardware , laptop , Linux

TUXEDO Computers has released the fourth generation of its Gemini laptop with plenty of updates.
Two New Distros Adopt Enlightenment

Desktop , Enlightenment , Linux

MX Moksha and AV Linux 25 join ranks with Bodhi Linux and embrace the Enlightenment desktop.
Solus Linux 4.8 Removes Python 2

Operating Systems , Python , Solus Linux

Solus Linux 4.8 has been released with the latest Linux kernel, updated desktops, and a key removal.

DoS Vulnerability in Asterisk

Related content

Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

News

Linux Mint 22.3 Now Available with New Tools

New Linux Malware Targets Cloud-Based Linux Installations

Say Goodbye to Middle-Mouse Paste

Manjaro 26.0 Primary Desktop Environments Default to Wayland

Mozilla Plans to AI-ify Firefox

Gnome Says No to AI-Generated Extensions

Parrot OS Switches to KDE Plasma Desktop

TUXEDO Announces Gemini 17

Two New Distros Adopt Enlightenment

Solus Linux 4.8 Removes Python 2

DoS Vulnerability in Asterisk

Related content

Subscribe to our Linux Newsletters Find Linux and Open Source Jobs Subscribe to our ADMIN Newsletters

Support Our Work

News

Tag Cloud

Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters