Asterisk: Denial of Service Multiple buffer overflows in Asterisk might allow remote attackers to cause a Denial of Service condition. asterisk May 03, 2014 May 03, 2014: 1 504180 remote 11.8.1 1.8.26.1 11.8.1

Asterisk is an open source telephony engine and toolkit.

Multiple vulnerabilities have been discovered in Asterisk. Please review the CVE identifiers and Asterisk Project Security Advisories referenced below for details.

A remote attacker could possibly cause a Denial of Service condition.

There is no known workaround at this time.

All Asterisk 11.* users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/asterisk-11.8.1"

All Asterisk 1.8.* users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/asterisk-1.8.26.1"
AST-2014-001 AST-2014-002 AST-2014-003 AST-2014-004 CVE-2014-2286 CVE-2014-2287 CVE-2014-2288 CVE-2014-2289 pinkbyte pinkbyte