PublicDate: 2006-10-23 17:07:00 UTC
Candidate: CVE-2006-5444
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5444
Description:
 Integer overflow in the get_input function in the Skinny channel driver
 (chan_skinny.c) in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as
 used by Cisco SCCP phones, allows remote attackers to execute arbitrary
 code via a certain dlen value that passes a signed integer comparison and
 leads to a heap-based buffer overflow.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_asterisk: released (1.2.7.1.dfsg-2ubuntu3.4)
edgy_asterisk: needed
feisty_asterisk: released (1.2.16~dfsg-1ubuntu3.1)
devel_asterisk: released (1.4.11~dfsg-1)
upstream_asterisk: needs-triage