CVE-2014-6609 Information

Description

The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.

Reference

http://downloads.asterisk.org/pub/security/AST-2014-009.html