FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

asterisk -- SRTP Video Remote Crash Vulnerability

Affected packages
asterisk18 < 1.8.8.2
asterisk10 < 10.0.1

Details

VuXML ID dd698b76-42f7-11e1-a1b6-14dae9ebcf89
Discovery 2012-01-15
Entry 2012-01-20
Modified 2013-06-19

Asterisk project reports:

An attacker attempting to negotiate a secure video stream can crash Asterisk if video support has not been enabled and the res_srtp Asterisk module is loaded.

[source]

References

URL http://downloads.asterisk.org/pub/security/AST-2012-001.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.