CVE-2007-4455

Name of the Vulnerable Software and Affected Versions Asterisk Open Source versions 1.4.x through 1.4.10 AsteriskNOW versions prior to beta7 Asterisk Appliance Developer Kit versions prior to 0.8.0 s800i (Asterisk Appliance) versions prior to 1.0.3

Description The issue allows remote attackers to cause a denial of service, specifically memory exhaustion, via a SIP dialog. This occurs when a large number of history entries are created.

Recommendations For Asterisk Open Source versions 1.4.x through 1.4.10, update to version 1.4.11 or later. For AsteriskNOW versions prior to beta7, update to beta7 or later. For Asterisk Appliance Developer Kit versions prior to 0.8.0, update to version 0.8.0 or later. For s800i (Asterisk Appliance) versions prior to 1.0.3, update to version 1.0.3 or later.