[asterisk-users] Anyone know which vulnerability specifically they are referring to?
Tilghman Lesher
tilghman at mail.jeffandtilghman.com
Mon Dec 8 11:24:15 CST 2008
On Monday 08 December 2008 09:11:08 am Jerry Jones wrote:
> http://www.networkworld.com/news/2008/120608-fbi-criminals-auto-dialing-wit
>h-hacked.html?Inform=nl&netht=rn_120808&nladname=120808dailynewsamal
>
> Criminals are taking advantage of a bug in the Asterisk Internet
> telephony system that lets them pump out thousands of scam phone calls
> in an hour, the U.S. Federal Bureau of Investigation warned Friday.
>
> The FBI didn't say which versions of Asterisk were vulnerable to the
> bug, but it advised users to upgrade to the latest version of the
> software. Asterisk is an open-source product that lets users turn a
> Linux computer into a VoIP telephone exchange.
Probably this one, since the summary points to that specifically:
http://downloads.digium.com/pub/security/AST-2008-003.pdf
--
Tilghman
More information about the asterisk-users
mailing list