[asterisk-biz] Recent REMOTE CRASH BUG

Trixter aka Bret McDanel trixter at 0xdecafbad.com
Sat Mar 3 10:23:28 MST 2007


On 3/2/07, Kevin P. Fleming <kpfleming at digium.com> wrote:
>
> David Thomas wrote:
> > What exactly is this bug? I get Access Denied for that number on the
> > bug tracker.
>
> The bug report has been marked private since it is an exploitable
> security vulnerability. New releases of Asterisk are already on the
> Digium FTP servers containing a fix for this issue.


can an exploit not be derrived from the patch in the code?  Why hide this
information since its clear the 'bad guys' already have it.


-- 
Trixter http://www.0xdecafbad.com     Bret McDanel
Belfast +44 28 9099 6461        US +1 516 687 5200
http://www.trxtel.com the VoIP provider that pays you!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-biz/attachments/20070303/f1df6a81/attachment.htm


More information about the asterisk-biz mailing list