PublicDate: 2008-01-08 02:46:00 UTC
Candidate: CVE-2008-0095
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0095
Description:
 The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17,
 Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance
 Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x
 before 1.0.3.4 allows remote attackers to cause a denial of service (daemon
 crash) via a BYE message with an Also (Also transfer) header, which
 triggers a NULL pointer dereference.
Ubuntu-Description:
Notes:
 fujitsu> Only affects 1.4.x.
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_asterisk:
upstream_asterisk: released (1.4.17)
dapper_asterisk: not-affected
edgy_asterisk: not-affected
feisty_asterisk: not-affected
gutsy_asterisk: needed (reached end-of-life)
hardy_asterisk: released (1:1.4.17~dfsg-1)
intrepid_asterisk: released (1:1.4.17~dfsg-1)
devel_asterisk: released (1:1.4.17~dfsg-1)