PublicDate: 2007-05-07 19:19:00 UTC
Candidate: CVE-2007-2488
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2488
Description:
 The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 does not
 properly null terminate data, which allows remote attackers to trigger loss
 of transmitted data, and possibly obtain sensitive information (memory
 contents) or cause a denial of service (application crash), by sending a
 frame that lacks a 0 byte.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_asterisk: ignored (reached end-of-life)
edgy_asterisk: needed (reached end-of-life)
feisty_asterisk: needed (reached end-of-life)
gutsy_asterisk: released (1.4.11~dfsg-1)
hardy_asterisk: released (1.4.11~dfsg-1)
intrepid_asterisk: released (1.4.11~dfsg-1)
jaunty_asterisk: released (1.4.11~dfsg-1)
karmic_asterisk: released (1.4.11~dfsg-1)
devel_asterisk: released (1.4.11~dfsg-1)
upstream_asterisk: needs-triage