Researchers at Internet Security Systems said they found two flaws in the Asterisk open-source IP-PBX software. Both bugs use denial-of-service techniques–one with inbound calls and the other with fake accounts–to crash or simply render useless Asterisk servers. In response, the Asterisk community released patches as Asterisk 1.2.10 and Zaptel 1.2.7 (Zaptel is set of telephony drivers.)

For more on VoIP:
– see this IDG News article

ALSO: VoIP: Quality is still a big concern. Article