CVE-2006-4345 Information

Description

Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in Asterisk 1.0 through 1.2.10 allows remote attackers to execute arbitrary code via a crafted audit endpoint (AUEP) response.

Reference

http://ftp.digium.com/pub/asterisk/ChangeLog-1.2.11 http://labs.musecurity.com/advisories/MU-200608-01.txt http://secunia.com/advisories/21600 http://secunia.com/advisories/22651 http://securitytracker.com/id?1016742 http://www.gentoo.org/security/en/glsa/glsa-200610-15.xml http://www.securityfocus.com/archive/1/444322/100/0/threaded http://www.securityfocus.com/bid/19683 http://www.sineapps.com/news.php?rssid=1448 http://www.vupen.com/english/advisories/2006/3372 https://exchange.xforce.ibmcloud.com/vulnerabilities/28542