[asterisk-dev] asterisk 1.4.1/1.2.16 release question

Kevin P. Fleming kpfleming at digium.com
Sun Mar 4 10:46:01 MST 2007

Anthony Lamantia wrote:
> "obvious reasons" .. ?,  I really would like to know what the risk to my
> asterisk servers are.

We have never, and will never, help potential exploiters directly.

The issue is that a very simple SIP packet can cause Asterisk to crash.
Figuring out how to construct that packet should be trivial for anyone
who understands the code and reads the (very small) patch.

More information about the asterisk-dev mailing list