ISS finds bugs in Asterisk VOIP software

Researchers at Internet Security Systems said they found two flaws in the Asterisk open-source IP-PBX software. Both bugs use denial-of-service techniques–one with inbound calls and the other with fake accounts–to crash or simply render useless Asterisk servers. In response, the Asterisk community released patches as Asterisk 1.2.10 and Zaptel 1.2.7 (Zaptel is set of telephony drivers.)

For more on VoIP:
– see this IDG News article

ALSO: VoIP: Quality is still a big concern. Article

Rate it:  
More stories about Vulnerabilities   VoIP   Servers   Security   Patches   IP-PBX