Candidate: CVE-2011-1507
PublicDate: 2011-04-27 00:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1507
 http://downloads.asterisk.org/pub/security/AST-2011-005.html
Description:
 Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25,
 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business
 Edition C.x.x before C.3.6.4 do not restrict the number of unauthenticated
 sessions to certain interfaces, which allows remote attackers to cause a
 denial of service (file descriptor exhaustion and disk space exhaustion)
 via a series of TCP connections.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_asterisk:
 upstream: http://downloads.asterisk.org/pub/security/AST-2011-005-1.6.2.diff
upstream_asterisk: released (1.4.40.1, 1.6.1.25, 1.6.2.17.3, 1.8.3.3)
dapper_asterisk: ignored (reached end-of-life)
hardy_asterisk: ignored (reached end-of-life)
karmic_asterisk: ignored (reached end-of-life)
lucid_asterisk: released (1:1.6.2.5-0ubuntu1.4)
maverick_asterisk: released (1:1.6.2.7-1ubuntu1.2)
natty_asterisk: released (1:1.6.2.9-2ubuntu2.1)
devel_asterisk: not-affected (1:1.8.3.3-1ubuntu1)