CVE-2012-2947

Priority
Description
chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert
before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x
before 10.4.1, when a certain mohinterpret setting is enabled, allows
remote attackers to cause a denial of service (daemon crash) by placing a
call on hold.
Notes
tyhicksThe default Ubuntu configuration should not be vulnerable since a
suggested music class is present.
Package
Upstream:released (1.8.12.1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [1:1.8.13.1~dfsg-1ubuntu1])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (1:1.8.13.1~dfsg-1ubuntu1)
More Information

Updated: 2020-01-29 19:44:23 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)