Asterisk Remote Denial of Service - IAX Control New

Here we go again…  There is now exploit code circulating for yet another remote Denial of Service attack against Asterisk.

The asterisk resource exhaustion attack is against the IAX2 VoIP signaling protocol using the IAX Control New packet.  The exploit affects all versions of Asterisk.

Digium was notified of this discovery on August 17th, 2008 and again on August 19th, 2008.

Basecamp

Related Posts:
Vonage Users Vulnerable to VoIP Identity Theft
VoIP Decision Upeld - No State Regulation
Interop 2007: Building A Life Size Faraday Cage
Asterisk Now Runs on iPhone
AT&T Sues Vonage Over Patent 6,487,200

This entry was posted on Wednesday, September 24th, 2008 at 10:03 am and is filed under Asterisk, Digium, vulnerability. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply