asterisk
Page content
- Author: vmiklos
- Vulnerable: 1.4.11-1terminus1
- Unaffected: 1.4.11-1terminus2
A vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when handling emails with a malformed MIME body. This can be exploited to crash the service by sending a specially crafted email to a user and tricking him into listening to the voicemail. Successful exploitation requires that the IMAP backend for the voicemail feature is used. Reportedly, other backends are not affected.
- Bug Tracker URL: http://bugs.frugalware.org/task/2377