CVE-2007-2294

Priority
Untriaged
Description
The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3
allows remote attackers to cause a denial of service (crash) by using MD5
authentication to authenticate a user that does not have a password defined
in manager.conf, resulting in a NULL pointer dereference.
References
Package
Upstream:released (1.4.3)
Ubuntu 8.04 LTS (Hardy Heron):released (1:1.4.3dfsg-1)
Ubuntu 10.04 LTS (Lucid Lynx):released (1:1.4.3dfsg-1)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:17:51 UTC (commit 5347)