CVE-2007-3762

Related Files

Gentoo Linux Security Advisory 200802-11

Posted Feb 27, 2008

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200802-11 - Multiple vulnerabilities have been found in Asterisk. Versions less than 1.2.21.1-r1 are affected.

tags | advisory, vulnerability

systems | linux, gentoo

advisories | CVE-2007-3762, CVE-2007-3763, CVE-2007-3764, CVE-2007-4103

SHA-256 | c22751b6c44f0be0e1381fc575a51b4406baa3deccf8b780a0d0fc7a7200b488

Download | Favorite | View

Debian Linux Security Advisory 1358-1

Posted Aug 27, 2007

Authored by Debian | Site debian.org

Debian Security Advisory 1358-1 - Several remote vulnerabilities have been discovered in Asterisk, a free software PBX and telephony toolkit. These flaws range from denial of service to code execution vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, code execution

systems | linux, debian

advisories | CVE-2007-1306, CVE-2007-1561, CVE-2007-2294, CVE-2007-2297, CVE-2007-2488, CVE-2007-3762, CVE-2007-3763, CVE-2007-3764

SHA-256 | e4eecc4b68c56319b68bc71cec59dd07e652b2996865f66a46754f92a7849977

Download | Favorite | View

ASA-2007-014.txt

Posted Jul 18, 2007

Authored by Russell Bryant | Site asterisk.org

Asterisk Project Security Advisory - The Asterisk IAX2 channel driver, chan_iax2, has a remotely exploitable stack buffer overflow vulnerability. It occurs when chan_iax2 is passed a voice or video frame with a data payload larger than 4 kB. This is exploitable by sending a very large RTP frame to an active RTP port number used by Asterisk when the other end of the call is an IAX2 channel. Exploiting this issue can cause a crash or allow arbitrary code execution on a remote machine.

tags | advisory, remote, overflow, arbitrary, code execution

advisories | CVE-2007-3762

SHA-256 | e4dc71a2fe12119c9e203636d801c336673cd5417bd25d738fda712d34d52222

Download | Favorite | View