Gentoo Linux Security Advisory GLSA 200802-11 - Multiple vulnerabilities have been found in Asterisk. Versions less than 1.2.21.1-r1 are affected.
c22751b6c44f0be0e1381fc575a51b4406baa3deccf8b780a0d0fc7a7200b488
Debian Security Advisory 1358-1 - Several remote vulnerabilities have been discovered in Asterisk, a free software PBX and telephony toolkit. These flaws range from denial of service to code execution vulnerabilities.
e4eecc4b68c56319b68bc71cec59dd07e652b2996865f66a46754f92a7849977
Asterisk Project Security Advisory - The Asterisk IAX2 channel driver, chan_iax2, has a remotely exploitable stack buffer overflow vulnerability. It occurs when chan_iax2 is passed a voice or video frame with a data payload larger than 4 kB. This is exploitable by sending a very large RTP frame to an active RTP port number used by Asterisk when the other end of the call is an IAX2 channel. Exploiting this issue can cause a crash or allow arbitrary code execution on a remote machine.
e4dc71a2fe12119c9e203636d801c336673cd5417bd25d738fda712d34d52222