CVE-2008-1333

Name of the Vulnerable Software and Affected Versions Asterisk Open Source versions 1.6.x before 1.6.0-beta6

Description The issue is related to a format string vulnerability that could potentially allow remote attackers to execute arbitrary code. This is due to the improper handling of logging messages by the ast verbose logging API call or the astman append function.

Recommendations For Asterisk Open Source versions 1.6.x before 1.6.0-beta6, update to version 1.6.0-beta6 or later to resolve the issue. As a temporary workaround, consider restricting access to the ast verbose logging API call and the astman append function until a patch is applied.