CVE-2008-1332

Name of the Vulnerable Software and Affected Versions Asterisk Open Source versions 1.2.x through 1.2.26 Asterisk Open Source versions 1.4.x through 1.4.18 Asterisk Business Edition versions A.x.x through B.2.5.0 Asterisk Business Edition versions C.x.x through C.1.6.1 AsteriskNOW versions 1.0.x through 1.0.1 Appliance Developer Kit versions before 1.4 revision 109393 s800i versions 1.0.x through 1.1.0.1

Description The issue allows remote attackers to access the SIP channel driver via a crafted From header.

Recommendations For Asterisk Open Source versions 1.2.x through 1.2.26, update to version 1.2.27 or later. For Asterisk Open Source versions 1.4.x through 1.4.18, update to version 1.4.18.1 or later. For Asterisk Business Edition versions A.x.x through B.2.5.0, update to version B.2.5.1 or later. For Asterisk Business Edition versions C.x.x through C.1.6.1, update to version C.1.6.2 or later. For AsteriskNOW versions 1.0.x through 1.0.1, update to version 1.0.2 or later. For Appliance Developer Kit versions before 1.4 revision 109393, update to revision 109393 or later. For s800i versions 1.0.x through 1.1.0.1, update to version 1.1.0.2 or later.