Digium · Asterisk · CVE-2007-2297
**Name of the Vulnerable Software and Affected Versions**
Asterisk versions prior to 1.2.18
Asterisk versions 1.4.x prior to 1.4.3
**Description**
The issue is related to the SIP channel driver, which does not properly parse SIP UDP packets without a valid response code. This allows remote attackers to cause a denial of service, resulting in a crash.
**Recommendations**
For Asterisk versions prior to 1.2.18, update to version 1.2.18 or later.
For Asterisk versions 1.4.x prior to 1.4.3, update to version 1.4.3 or later.